Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
RE: XP SP2 and Windows Update
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
RE: XP SP2 and Windows Update - 13.Sep.2004 9:42:00 PM
|
|
|
spouseele
Posts: 12782
Joined: 1.Jun.2001
From: Belgium
Status: offline
|
Hi Jason,
the best method to debug such issues is to take a NetMon trace at the ISA internal interface. Analyzing those traces and match them with the ISA logs should reveal what is the cause of your problems with Windows Update.
What happens if you create an all open protocol (all IP traffic, any request) and site&content (all destinations, any content, any request) rule?
According to my and Jim's testing it should work as long as no authenticated rules are used for the Windows Update sites.
HTH,
Stefaan
|
|
|
|
|
RE: XP SP2 and Windows Update - 13.Sep.2004 10:03:00 PM
|
|
|
Jason
Posts: 49
Joined: 7.May2001
From: US
Status: offline
|
Stefaan,
Did your testing include a default gateway on the client? If I put the default gateway on a client that has the firewall client - it will run but without it - it will fail.
Jason
[ September 13, 2004, 10:20 PM: Message edited by: Jason ]
|
|
|
|
|
RE: XP SP2 and Windows Update - 15.Sep.2004 10:39:00 PM
|
|
|
Jason
Posts: 49
Joined: 7.May2001
From: US
Status: offline
|
Hey Stefaan,
Its definitely possible that its in one of those but I really dont see anything wrong. I presume the firewall client is working as thats all thats on these machines - the proxy info is not in IE, there is no default gateway, and the firewall client is installed. So I presume it has to be working correctly as this is really the only problem I have been seeing.
For the LAT on ISA I have these:
10.0.0.0 - 10.255.255.255, 169.254.0.0 - 169.254.255.255, 172.16.0.0 - 172.31.255.255, and my local subnet 192.168.0.0 - 192.168.0.255
LOCALLAT.TXT file is not present on my system.
I dont see anything related to Windows Update being disabled in the firewall client settings on ISA but not exactly sure on the executable name?
Jason
|
|
|
|
|
RE: XP SP2 and Windows Update - 15.Sep.2004 11:04:00 PM
|
|
|
spouseele
Posts: 12782
Joined: 1.Jun.2001
From: Belgium
Status: offline
|
Hi Jason,
the LAT on ISA should only contain your internal IP range; nothing more, nothing less! Assuming your internal network is 192.168.0.0/24 then the LAT should only contain the single entry '192.168.0.0 - 192.168.0.255'.
HTH,
Stefaan
|
|
|
|
|
RE: XP SP2 and Windows Update - 16.Sep.2004 5:13:00 PM
|
|
|
Jason
Posts: 49
Joined: 7.May2001
From: US
Status: offline
|
Stefaan,
Will change it and see what happens.
Thanks again,
Jason
|
|
|
|
|
RE: XP SP2 and Windows Update - 16.Sep.2004 5:37:00 PM
|
|
|
Jason
Posts: 49
Joined: 7.May2001
From: US
Status: offline
|
Still no go!
Jason
|
|
|
|
|
RE: XP SP2 and Windows Update - 16.Sep.2004 8:28:00 PM
|
|
|
spouseele
Posts: 12782
Joined: 1.Jun.2001
From: Belgium
Status: offline
|
Hi Jason,
OK, I suggest you do the following:
- go to http://www.isatools.org and download the script 'ISAInfo for ISA 2000'
- run it on your ISA server
- post here the URL where we can view the result
Hopefully we will find out what is going on.
HTH,
Stefaan
|
|
|
|
|
RE: XP SP2 and Windows Update - 22.Sep.2004 8:18:00 PM
|
|
|
Jason
Posts: 49
Joined: 7.May2001
From: US
Status: offline
|
Hey Stefaan,
How bout I give you some directions to reproduce it? Microsoft called me today and I was able to get them to reproduce it and then a little bit later they called back and basically said that their work arounds will not fix it the way I have ISA deployed - which is just the firewall client with no default gateway and no web proxy info set.
To reproduce it - take away the default gateway, have the firewall client deployed, and have no proxy info set. Then for whatever reason, you have to reboot to see the error (MS guy would try it after taking out the default gateway but it would still work until the reboot). Once rebooted you should get the error on Windows Update.
On a worse note, they basically said to either deploy an SUS server or pass out the default gateway. They also said that they are not considering this high priority and thus a fix will not be coming for a long while. Gotta love that!
Anyways, since I could get them to reproduce it - I dont think its my config but if that is not reproducable on your end - let me know and I will get the config to you.
Jason
|
|
|
|
|
RE: XP SP2 and Windows Update - 23.Sep.2004 10:47:00 PM
|
|
|
Jason
Posts: 49
Joined: 7.May2001
From: US
Status: offline
|
Stefaan,
Thanks for looking into it further - I believe what you are describing is essentially what is happening.
My problem with making the clients both web and firewall clients is teaching the users another thing to shut off when on the road. Its not a huge operation but one that would cause some problems for users until they got used to it.
Really it should work and since they have admitted that its a bug - they should fix it. They say they plan on it but no specific time frame and they dont consider it a high priority so it probably wont be very quick.
So I guess in my case - besides changing either the clients or installing a WUS server - it just wont work until they fix it. My main reason for posting was that everyone else seemed to be getting by with the workarounds but I never could but it looks like its the clients not the config of the server.
I was also told by them that ISA 2004 with only the firewall client installed and no other client installed it will work - which I find odd as they say the problem isnt with ISA but the windows update control - so im kind of wondering why 04 will work but 00 wont?
Anyways - I appreciate all the help - you da man!
J
|
|
|
|
|
RE: XP SP2 and Windows Update - 24.Sep.2004 7:14:00 PM
|
|
|
Jason
Posts: 49
Joined: 7.May2001
From: US
Status: offline
|
Stefaan,
Good point - I think thats the way Im going to have to go.
Thanks again for all the help! This site really is invaluable!
J
|
|
|
|
|
RE: XP SP2 and Windows Update - 15.Sep.2005 9:17:00 PM
|
|
|
Herman_Swartz
Posts: 20
Joined: 10.Apr.2002
Status: offline
|
I am having same problems with Web Proxy authentication enabled and using browser proxy settings (Web Proxy Client).
Windows Update does slip around the proxy settings and tries to use port 80, which I intentionally block.
Windows Update is a Microsoft product, ISA server is a Microsoft product, IE is a Microsoft product. Yet they don't work together.
What am I missing?
Herman
|
|
|
|
|
RE: XP SP2 and Windows Update - 15.Sep.2005 9:56:00 PM
|
|
|
LLigetfa
Posts: 2184
Joined: 10.Aug.2004
From: fort frances.on.ca
Status: offline
|
They DO all work together if you write your rule as documented in this thread, namely anonymous.
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
![[Eek!]](/image/smiles/eek.gif)
![[Big Grin]](/image/smiles/biggrin.gif)
![[Razz]](/image/smiles/tongue.gif)
![[Smile]](/image/smiles/smile.gif)
RE: XP SP2 and Windows Update - ![[Confused]](/image/smiles/confused.gif)
