?
Solved

ISA 2004 - Allow access to Windows Update to all user

Posted on 2009-04-04
4
Medium Priority
?
1,170 Views
Last Modified: 2012-05-06
I followed this KB http://support.microsoft.com/kb/885819

From a workstation that has no allowed internet access I can get to www.microsoft.com but when I try to go to update.microsoft.com I get redirected to the No Internet allowed page specified in the Deny rule.

Here is the monitor from that WS below.

Any help is appreciated.


Original Client IP	Client IP	Client Username	Client Agent	Authenticated Client	Service	Server Name	Referring Server	Destination Host Name	Destination IP	Protocol	Transport	HTTP Method	URL	MIME Type	Object Source	Source Network	Destination Network	Source Proxy	Destination Proxy	Action	Bidirectional	Client Host Name	Rule	Filter Information	Network Interface	Raw IP Header	Raw Payload	Log Time	Source Port	Destination Port	Processing Time	Bytes Sent	Bytes Received	Result Code	HTTP Status Code	Cache Information	Error Information	Log Record Type
192.168.1.121	192.168.1.121	DLI\iang	IEXPLORE.EXE:3:5.1			NV	-		65.55.184.157	HTTP	TCP	-	-	-		Internal	External			Initiated Connection			Allow_Website_Maintenance	-				4/4/2009 3:09:08 PM	1163	80	0	0	0	0x0 		0x0	0x0	Firewall
0.0.0.0	192.168.1.121	DLI\iang	Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; GTB6; .NET CLR 1.1.4322; .NET CLR 2.0.50727; InfoPath.1; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)	Yes	Proxy	NV		65.55.184.157	65.55.184.157	http	TCP	GET	http://65.55.184.157/microsoftupdate			Internal	External	-	-	Denied Connection		-	Internet Lockout	Req ID: 0690d7b3 	-	-	-	4/4/2009 3:09:08 PM	0	80	188	176	614		12202 The ISA Server denied the specified Uniform Resource Locator (URL). 	0x0	0x0	Web Proxy Filter
192.168.1.121	192.168.1.121	DLI\iang	IEXPLORE.EXE:3:5.1			NV	-		65.55.184.157	HTTP	TCP	-	-	-		Internal	External			Closed Connection			Allow_Website_Maintenance	-				4/4/2009 3:09:08 PM	1163	80	188	0	176	0x80074e24 FWX_E_CONNECTION_KILLED		0x0	0x0	Firewall
192.168.1.121	192.168.1.121					NV	-		192.168.1.224	Unidentified IP Traffic (TCP:1745)	TCP	-	-	-		Internal	Local Host			Initiated Connection				-				4/4/2009 3:09:08 PM	1162	1745	0	0	0	0x0 		0x0	0x0	Firewall
192.168.1.121	192.168.1.121	DLI\iang	IEXPLORE.EXE:3:5.1			NV	-		74.125.53.99	HTTP	TCP	-	-	-		Internal	External			Initiated Connection			Allow_Website_Maintenance	-				4/4/2009 3:09:09 PM	1165	80	0	0	0	0x0 		0x0	0x0	Firewall
0.0.0.0	192.168.1.121	DLI\iang	Mozilla/4.0 (compatible; GoogleToolbar 6.0.1411.1512; Windows XP 5.1; MSIE 7.0.5730.13)	Yes	Proxy	NV		74.125.53.99	74.125.53.99	http	TCP	GET	http://74.125.53.99/search?client=navclient-auto&iqrn=zMGD&orig=0J&ie=UTF-8&oe=UTF-8&features=Rank:&q=info:http%3a%2f%2fupdate.microsoft.com%2fmicrosoftupdate&ch=73646830038			Internal	External	-	-	Denied Connection		-	Internet Lockout	Req ID: 0690d7b8 	-	-	-	4/4/2009 3:09:09 PM	0	80	1	176	577		12202 The ISA Server denied the specified Uniform Resource Locator (URL). 	0x4	0x800	Web Proxy Filter
192.168.1.121	192.168.1.121	DLI\iang	IEXPLORE.EXE:3:5.1			NV	-		74.125.53.99	HTTP	TCP	-	-	-		Internal	External			Closed Connection			Allow_Website_Maintenance	-				4/4/2009 3:09:09 PM	1165	80	16	0	176	0x80074e24 FWX_E_CONNECTION_KILLED		0x0	0x0	Firewall
 
 
 
---------------------------------------------------------------
URL SET RULE:
 
 
<?xml version="1.0" encoding="UTF-8"?>
<fpc4:Root xmlns:fpc4="http://schemas.microsoft.com/isa/config-4" xmlns:dt="urn:schemas-microsoft-com:datatypes" StorageName="FPC" StorageType="0">
	<fpc4:Build dt:dt="string">4.0.2167.887</fpc4:Build>
	<fpc4:Comment dt:dt="string"/>
	<fpc4:Edition dt:dt="int">80</fpc4:Edition>
	<fpc4:ExportItemClassCLSID dt:dt="string">{AA2E238A-0B11-4EF8-9257-DA4864F87A5A}</fpc4:ExportItemClassCLSID>
	<fpc4:ExportItemStorageName dt:dt="string">{22E1748E-43A5-4666-BC1D-0219F793484A}</fpc4:ExportItemStorageName>
	<fpc4:IsaXmlVersion dt:dt="string">1.10</fpc4:IsaXmlVersion>
	<fpc4:OptionalData dt:dt="int">4</fpc4:OptionalData>
	<fpc4:Upgrade dt:dt="boolean">0</fpc4:Upgrade>
	<fpc4:Arrays StorageName="Arrays" StorageType="0">
		<fpc4:Array StorageName="{D92FA13F-0C4A-4DD2-A5E7-A519F094F264}" StorageType="0">
			<fpc4:Components dt:dt="int">-1</fpc4:Components>
			<fpc4:Name dt:dt="string"/>
			<fpc4:RuleElements StorageName="RuleElements" StorageType="0">
				<fpc4:URLSets StorageName="URLSets" StorageType="0">
					<fpc4:URLSet StorageName="{22E1748E-43A5-4666-BC1D-0219F793484A}" StorageType="1">
						<fpc4:Name dt:dt="string">Microsoft_Updates</fpc4:Name>
						<fpc4:Predefined dt:dt="boolean">0</fpc4:Predefined>
						<fpc4:URLStrings>
							<fpc4:Str dt:dt="string">http://update.microsoft.com/microsoftupdate/v6/default.aspx?ln=en-us</fpc4:Str>
							<fpc4:Str dt:dt="string">http://*.download.windowsupdate.com/*</fpc4:Str>
							<fpc4:Str dt:dt="string">http://*.microsoft.com/*</fpc4:Str>
							<fpc4:Str dt:dt="string">http://*.update.microsoft.com/*</fpc4:Str>
							<fpc4:Str dt:dt="string">http://*.windowsupdate.com/*</fpc4:Str>
							<fpc4:Str dt:dt="string">http://*.windowsupdate.microsoft.com/*</fpc4:Str>
							<fpc4:Str dt:dt="string">http://download.microsoft.com/*</fpc4:Str>
							<fpc4:Str dt:dt="string">http://download.windowsupdate.com/*</fpc4:Str>
							<fpc4:Str dt:dt="string">http://ntservicepack.microsoft.com/*</fpc4:Str>
							<fpc4:Str dt:dt="string">http://update.microsoft.com/*</fpc4:Str>
							<fpc4:Str dt:dt="string">http://windowsupdate.microsoft.com/*</fpc4:Str>
							<fpc4:Str dt:dt="string">http://wustat.windows.com/*</fpc4:Str>
							<fpc4:Str dt:dt="string">https://*.update.microsoft.com/*</fpc4:Str>
							<fpc4:Str dt:dt="string">https://*.windowsupdate.microsoft.com/*</fpc4:Str>
							<fpc4:Str dt:dt="string">https://update.microsoft.com/*</fpc4:Str>
						</fpc4:URLStrings>
					</fpc4:URLSet>
				</fpc4:URLSets>
			</fpc4:RuleElements>
		</fpc4:Array>
	</fpc4:Arrays>
</fpc4:Root>

Open in new window

0
Comment
Question by:DMTechGrooup
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 14

Expert Comment

by:Raj-GT
ID: 24075296
I would change the URL Set to a Domain Name Set , and make sure this rule is above all the other rules.
0
 
LVL 24

Author Comment

by:DMTechGrooup
ID: 24078179
I have tried that as well.  Seems when it goes to the windows update it tries to go to an IP address instead of a domain name.. or so it seems.
0
 
LVL 14

Accepted Solution

by:
Raj-GT earned 2000 total points
ID: 24078897
Looks like the access is being blocked by 'Internal Lockout' rule. Are you sure the Windows Update rule is above all other rules in your firewall policies list. You also need to check that you have given 'All Users' access to this rule and the protocols HTTP and HTTPS are selected.

Can you give me a quick run down of this windows update rule?

0
 
LVL 24

Author Comment

by:DMTechGrooup
ID: 24159368
I havent forgotten this.. I will get back to you early next week.. Thanks.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Forefront Threat Management Gateway 2010 or FTMG comes with some very neat troubleshooting tools built-in when trying to identify what is actually happening behind the scenes within the product when traffic is passing through its interfaces. To the …
There are several problems reported according slow link speeds or poor performance in TMG 2010, UAG 2010 or ISA 2006. I want to collect here some of the common issues together to give a brief overview what can be the reason. Nevertheless, not all of…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question