I am using SBS 2003 SP1 Premium (with ISA 2004)and deploying firewall client 2004 to client computers in the network.
I followed steps described in your book to publish automatic discovery information on port 80(since I chose to use DNS WPAD) in ISA management console.
However, I was able to detect the ISA Server manual by entering my ISA firewall hostname.
Please help. Many Thanks in advance.
C:\fwctool testautodetect
FwcTool version 4.0.3439 Firewall Client for ISA Server 2004 support tool Copyright (c) Microsoft Corporation. All rights reserved.
Action: Test the auto detection mechanism Type: Default
Detection details:
Timeout is set to 60 seconds Locating WSPAD URL in DHCP Server Locating option 252 in DHCP Reading network adapters information DHCP option for WPAD not found WSPAD URL was not found in DHCP Server Locating WSPAD URL in DNS Server Locating domain name in registry Opening registry key: HKLM\System\CurrentControlSet\Services\Tcpip\Parameters Querying registry value: HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Domain Domain name found: xxxx.local Resolving address: wpad.xxxx.local. Domain name found: wpad.xxxx.local. WSPAD URL found in DNS Server: http://wpad.xxxx.local/wspad.dat Initializing Web server connection Resolving IP addresses for wpad.xxxx.local Resolved 1 address(es): 192.168.16.168 Connecting to address #1: 192.168.16.168:80 Waiting for address #1 to connect Address #1 successfully connected Requesting wspad.dat file Received HTTP error 404 Requested file could not be found on this server No more address Failed to detect ISA Server
alternatively you can just use the DHCP method of enabling auto-detection of the firewall. in scope options: option name: 252 WPAD option value: http://server:8080/wpad.dat
by the way, the only thing that's listening on port 8080 is the ISA2004 proxy service.
Good point. You can change the autodiscovery listener port to be anything you want that's not being used by something else and DHCP will work with it just fine.
Guys, because IIS is co-located with ISA the DHCP way of distributing WPAD and Tom's other article do not work on SBS. Jim Harrison's download includes instructions on how to get WPAD to work on SBS.
AmyB, you mentioned that Jim Harrison's download includes instructions on how to get WPAD to work on SBS. I looked on isatools.org and all i could find was http://www.isatools.org/testautoconfig.vbs but this doesn't seem to do anything. To which downloading were you talking about so i can give it a rad and trty and get this auto discover working on SBS? Thanks Jed
I don't want to use DHCP because i don't want users on my domain to have local admin rights. From all the forum i've read it is something to do with SBS and apparently there is a fix out there for it so i can use the DNS option, does anyone know how to get this working?
The link for the SBS wpad download is on my blog at isainsbs.blogspot.com. The wpad is currently hosted on Jim Harrison's website though not in the official listings. I spoke to Jim this week and he had some great news. The SBS wpad files will be available on the ISA downloads page at Microsoft's website in the near future. They're just neatening it up now.
Amy i read your post Wednesday, July 20, 2005 Getting the Firewall Client to Automatically Detect ISA. There is a link to sbs_wpad.zip (http://isatools.org/sbs_wpad.zip) But it does not work. How do i get this file. Thanks Jed
quote:Originally posted by JedAtMidway: I don't want to use DHCP because i don't want users on my domain to have local admin rights.
? what you say here is untrue. There is no need for users to have admin rights so that their PC's firewall client can automatically be configured via DHCP.
MRIS thanks for you reply, in short yes your right. The reason i thought that users had to be a member of the local administrator group for DHCP autp discovery to work was that i have been reading Tom Shinder's Configuring ISA Server 2004 and in Chapter 5 ISA 2004 Client Types and Automating Client Provisioning is specifly says for DHCP Support that user must be logged on as local administrator. But is this Microsoft artical http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/automaticdiscovery.mspx is says that this is only the case for Windows 2000 or Firewall Client 2000. So if you are running Windows XP this statement is NOT TRUE.
So for people running SBS 2003 SP1 using DNS to publish automatic discovery information is not an option because of IIS/Exchange using port 80 so you need to use the DHCP to publish automatic discovery information on a different port eg port 6666 as discribed in the above Microsft artical. Note I did NOT have to apply the registy string SkipAuthenticationForRoutingInformation as describe in this artical to get automatically detect ISA server working. http://support.microsoft.com/default.aspx?scid=kb;en-us;885683
Hope all this info at least helps someone. Thanks Jed
The URL changed. Jim made a few refinements. It'll be moving to the Microsoft ISA downloads site soon. So check there for the final version in the next couple of months.
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Printable Version
All Forums >> [ISA Server 2004 General ] >> ISA 2004 SBS >> Automatically detect ISA server for FWC 2004 
Automatically detect ISA server for FWC 2004 - 
RE: Automatically detect ISA server for FWC 2004 - 
New Messages
No New Messages
Hot Topic w/ New Messages
Hot Topic w/o New Messages
Locked w/ New Messages
Locked w/o New Messages
Post New Thread