ISA Clients, Bug? Windows update havn't the ability to use ISA 2004 FWC?

microsoft.public.isa.clients - Microsoft Internet Security and Acceleration


ISA Clients >> Bug? Windows update havn't the ability to use ISA 2004 FWC?

by RGF2aWQgWGlhbw » Tue, 17 Jan 2006 21:09:03 GMT

I don't know if this is a bug, but this is a fact.
After testing many times, I have found the following fact about ISA 2004
firewall and windows update.
windows update on windows XP have not the ability to use ISA 2004 Firewall
Client as the route to Internet, it only can use Secure NAT and Proxy.

If I only use Secure NAT, I can use windows update successfully.

And If I only set proxy in IE, I can use windows update successfully too,
the proxy server can be any, it can be a proxy application installed on the
same PC with windows update, or it can be ISA proxy.

But if I only use ISA server 2004 firewall client, I can reach to the
webpage http://update.microsoft.com/microsoftupdate/v6/default.aspx?ln=en-us
when I click the Express button on this webpage, It will fail. But at this
time if I install a proxy application on the same computer, and set the proxy
settings in IE to point the proxy just installed, then it update
successfully. Because the windows update client control excuted by press the
"Express" button can't use FWC as route, it only have two choices, Secure NAT
and Proxy.

It puzzled me, windows update and ISA FWC both are the production of MS, why
Windows Update can't use FWC as route? I hope the fact is not like this.

Top

ISA Clients >> Bug? Windows update havn't the ability to use ISA 2004 FWC?

by AllenM » Wed, 25 Jan 2006 02:46:47 GMT


You are wrong. All my XP clients can access Windows Update via the ISA 2004
FWC. You probably do not have a rule in place to allow this. You need a rule
that will

1. Allow
2. HTTP and HTTPS Protocol
3. From "All Protected Networks"
4. To *.microsoft.com, *.windows.com, *.windowsupdate.com
Top

ISA Clients >> Bug? Windows update havn't the ability to use ISA 2004 FWC?

by R2VvcmdlMDA3 » Thu, 16 Feb 2006 17:37:27 GMT

i encount the same problem in my systems.And the rule is
1 allow
2 http and https protocol
3 from internal
4 to external
Top
Similar Threads

1. Bug? Windows update havn't the ability to use ISA 2004 FWC?

2. 2004 FWC -Setup failed while updating Windows Socket 2 Provide - ISA Clients

3. 2004 FWC -Setup failed while updating Windows Socket 2 Provider 

I just deployeed ISA 2k4, all 40 something nodes on my network accepted the 
firewall client except 2.  during the installation I get "Setup failed while 
updating Windows Socket 2 Provider."

4. Windows 98 Won't update via Windows Update through ISA

5. windows update failed using ISA firewall client

6. windows update failed using ISA firewall client - ISA Clients

7. Using ISA for Windows Updates in a unmanaged environment 

Here is the problem I have: I have a network that is used by public along 
with PC techs - the public using it for general browsing and the techs use it 
for downloading updates - mainly Microsoft updates. This network is one of 
many so lots of techs downloading updates are causing our main internet 
connection to be overloaded. I need to installl a caching server primarlly 
for Windows Updates. I know ISA will cache Windows Updates and is BITS aware 
but my big problem is how to make the clients use the ISA WITHOUT any changes 
to their settings, since there are PC's on the network we don't have any 
control over and the PC's the techs work on can't be altered. I don't need a 
firewall server since we have one in place I only need a caching solution. I 
know IE and Windows Update service can be automatically configured using WPAD 
but IE needts the Automatic setting to be checked to work - and this won't 
work in this environment. My other thought was to set ISA up like a 
transparent proxy - redirect port 80 to 8080 via the firewall. I know this 
can be done with Linux and Squid but I have found anything on the web about 
doing this with ISA. Any suggestions would be appreciated.

8. Using Windows Update on ISA server