ISA Clients, XP problems connecting to internet after removing Isa client

microsoft.public.isa.clients - Microsoft Internet Security and Acceleration


ISA Clients >> XP problems connecting to internet after removing Isa client

by YmtyYW4 » Tue, 09 Sep 2008 02:36:20 GMT

In an installation of Windows SBS 2000 with ISA configured and working, all
the clients stopped sending e-mail through Microsoft outlook. Time out error
to the SMTP server which is an internet server. Also they can upload files
when they try to use webmail and windows live messenger cannot connect. I
removed Microsoft client firewall from a PC and connected it directly to the
router and everything was working ok. When I tried to do the same thing to
another similar ( windows XP Pro SP2, Office 2003 ) PC the problems
continued... So we are in a bit of a jam here, especially since the client
firewall uninstalled without a problem. Are there some other settings we
should check ? I can open an SMTP connection from the pc and everything seems
ok but not for Outlook, which is the most critical application that is
failing. I contacted the ISP and they came on site and checked the connection
with their own laptops and of course found no problem. As for the e-mail
servers, we tried on other servers with our personal accounts with no luck.
I have to add that soon there will be a migration to a new server so
removing the ISA server is not a problem.
I have to add that soon there will be a migration to a new server so
removing the ISA server is not a problem.

Thanks in advance
Bill Kraniotis

Top

ISA Clients >> XP problems connecting to internet after removing Isa client

by Phillip Windell » Tue, 09 Sep 2008 03:13:08 GMT



By default,..Outlook does not use the Firewall Client to begin with. It can
only function with SMTP/POP3 to-from the Internet via the SecureNAT Service.
The SecureNAT Service is not capable of Authentication,...so your SMTP/POP3
Access Rule must be anonymous. Outlook is this way by default because most
people do not use it as an SMTP/POP3 Client, but use it as an Exchange MAPI
Client and by preventing it from using the Firewall Client helps make sure
that the Firewall Client/Firewall Service never interferre with the
Outlook-to-Exchange communication (at least that is my personal
interpretation of the reason).

If you want the most secure way of handling it:

1. Install the Firewall Client back on the machines where it should be

2. Enable Outlook to use the Firewall Service

3. Configure your SMTP/POP3 Access Rule to only allow the specific users you
want to function with it. You can even limit the Destination to the
specific mail server they need to use.

To configure Outlook to use the Firewall service:

1. Open the ISA MMC, go to General
2. Go to "Define Firewall Client Settings"
3. Go to the Applications Tab
4. Find Outlook,..which is set to "Disable=1"
5. Edit it to "Disable=0"



--
Phillip Windell
www.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
Top

ISA Clients >> XP problems connecting to internet after removing Isa client

by YmtyYW4 » Tue, 09 Sep 2008 14:23:01 GMT

irst of all thanks for your response Phillip,
They way you describe the configuration is the way it was until it stopped
working. After all the troubleshooting on the ISA and the fact that the
server will soon be replaced and ISA will not be used in the new setup we
would like to find out why the PC is not able to work even though firewall
client is removed and it is connected directly to the router, not the ISA
network. If we have a possible solution which doesn't require formatting
Windows XP it would be great.

Thanks in advance,
Bill Kraniotis


"Phillip Windell" wrote:

Top

ISA Clients >> XP problems connecting to internet after removing Isa client

by Phillip Windell » Tue, 09 Sep 2008 22:35:18 GMT


I don't know. That's probably one of those things where I would just have
to be there. Maybe someone else has some ideas.

--
Phillip Windell
www.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
Top

ISA Clients >> XP problems connecting to internet after removing Isa client

by YmtyYW4 » Mon, 15 Sep 2008 17:28:00 GMT


I have an update on the status of the problem. It seems that by installing
SP3 for windows XP the problem is solved and the clients work normal with no
ISA client installed. Now to find out what to do for Windows 2K since SP4 is
allready installed....
Top
Similar Threads

1. XP x64 Client won't connect to domain with ISA client installe - Windows Small Business Server(SBS)

2. XP x64 Client won't connect to domain with ISA client installed 

I have a new client computer with XP x64 installed.  I tracked down the 64 
bit isa client and installed it.  It works until I reboot the client and then 
I can't get it to connect to the domain.  

I get event ID 5719, Source NETLOGON,   on the client
------------------------------------------------------------------------------
"This computer was not able to set up a secure session with a domain 
controller in domain PES due to the following: 
There are currently no logon servers available to service the logon request.  
This may lead to authentication problems. Make sure that this computer is 
connected to the network. If the problem persists, please contact your domain 
administrator." 
----------------------------------------------------------------------------------
I can then unistall the client and get back on the domain at next boot.

Any ideas????

Thanks
Stuart

3. XP VPN clients connect and access, 2K connects but no access - hel - VPN on ISA

4. Error 789 when connecting from a XP Client to ISA 2004 

Hi 

this post was very useful, but still cant resolve my problem...
I have a windows server 2003 with ISA Server 2004 and a VPN client (Windows 
XP SP2), and Im trying to establish a connection using L2TP/IPSec, I receive 
the message "cant connect to the remote computer" but in Event Viewer of  
ISA shows the following messages:
-IKE security association established
-IKE security association ended.
The rules for IKE and ESP were created in ISA, the corrected ports are open 
in the firewall (PIX) . The command ping was sucessful between the client and 
ISA.
Can anyone help me, please??
thank you
marta ferreira

5. VPN clients cannot surf internet after connecting to ISA serve

6. Cisco VPN client connecting trough ISA 2004 - problem 

Hello,

I have problem with clients connecting with CIsco VPN client to another 
network. Our network is simple with ISA 2004 acting as gw and firewall. We 
have all outgoing traffic allowed except TCP port 25. However, when users 
are connecting with Cisco VPN client to mentioned network they are able to 
connect succesfully but not to ping or connect to any device on that 
network. From other netwroks it's working ok with same cisco client. We use 
simple NAT, clients has 10.218.61.X adresses assigned by DHCP and ISA has 
one public adress assigned. Remote network uses 192.168.100.X adresses. As I 
wrote, when I connect from outside of our network it's working fine. I can 
connect to remote network, and work normaly. If I connect from our company 
network, I can connect but nothing else. Does anyone has any idea what it 
can cause? Thanks for replies.

Martin

7. ISA 2004 FIREWALL RULE NOT BLOCKING INTERNET TO USER ON XP CLIENT

8. ISA Server clients internet connectivity problems? 

Hi all,

I am having problem with outbound internet acccess with my ISA 2004.
My  network scenario is like this.
1) ISA 2004 with 2 network adapters,one coming from internet 
(USB-Broadband(PPPoE)),and other one which is connected to my private 
LAN.This is server is in workgroup.
I have assigned IP Address(internal)-192.168.0.5
Preferred DNS Server:192.168.0.5

External Interface(internet)-IP Address (Assign Automatically)
Preferred DNS Server :internal IP address of ISA 2004 i.e 192.168.0.5

2)I have my own internal un-registered domain(xxx.com) running with AD-I on 
another computer which is also acting as a DHCP Server for internal client 
computers.(Scope in the range of 192.168.0.1-192.168.0.254).With 
Ip address :192.168.0.2
DNS Server:192.168.0.2

I have configured the firewall policy rule by allowing HTTP,HTTPS and FTP 
for internal clients for outbound and the web proxy client pointing to the 
ISA Server 2004,8080 port.
Still I am not able to get internet connection to my client computers,I 
don't know what is happening.I am getting 502 Error access is denied by ISA 
.Can anybody help me to figure out the problem???

Thanks in advance
mill