ChipW
2005-06-02 15:23:04 UTC
OK, so I took the plunge and installed SBS SP1 last night (in hindsight I
should have waited for weekend), all went well until upgrading from ISA 2000
to ISA 2004, had to turn off IIS Admin. The CEICW wizard failed during the
firewall configuration section. I reread Mariette's et. al. guide (Thanks
for all your efforts guys), ah i thought ISA rule 22, deleted it, along with
a couple others I thought I didn't need/want anymore.... firewall config
still fails. I had Inet connection, even with ISA2K Clients. Hmmm. BTW I had
a screenful of firewall policies in ISA. Not leaving well enough alone, I
ran a ISA 2004 repair thinking maybe I deleted a policy I shouldn't have. I
reran CEICW, firewall config still failed, and now only half a screen of
policies. So I try another tach and ran CEICW and turned off firewall (still
fails) then run CEICW again to turn it back on, still fails. A quick look at
ISA now only shows 3 policies. Now I'm thinking I really screwed things up.
I unistalled ISA 2004 and reinstalled, thinking that would put things back
to default, but no...still only 3 policies and no Inet with ISA 2004 clients
now installed. I had to manually change ISA policy to allow access to Inet.
Any changes in CEICW for publishing services (VPN, OWA, RDP, etc.) don't
change after running wizard. Rerunning CEICW now blocks Inet access until I
manually allow it again. So that's where I'm at, and what I've done (right
or wrong) I just don't know what to try next. I'm just looking for a
default, secure installation of ISA 2004 and have external access to RWW,
OWA, Outlook RPC, etc.
Thanks in advance
ChipW
should have waited for weekend), all went well until upgrading from ISA 2000
to ISA 2004, had to turn off IIS Admin. The CEICW wizard failed during the
firewall configuration section. I reread Mariette's et. al. guide (Thanks
for all your efforts guys), ah i thought ISA rule 22, deleted it, along with
a couple others I thought I didn't need/want anymore.... firewall config
still fails. I had Inet connection, even with ISA2K Clients. Hmmm. BTW I had
a screenful of firewall policies in ISA. Not leaving well enough alone, I
ran a ISA 2004 repair thinking maybe I deleted a policy I shouldn't have. I
reran CEICW, firewall config still failed, and now only half a screen of
policies. So I try another tach and ran CEICW and turned off firewall (still
fails) then run CEICW again to turn it back on, still fails. A quick look at
ISA now only shows 3 policies. Now I'm thinking I really screwed things up.
I unistalled ISA 2004 and reinstalled, thinking that would put things back
to default, but no...still only 3 policies and no Inet with ISA 2004 clients
now installed. I had to manually change ISA policy to allow access to Inet.
Any changes in CEICW for publishing services (VPN, OWA, RDP, etc.) don't
change after running wizard. Rerunning CEICW now blocks Inet access until I
manually allow it again. So that's where I'm at, and what I've done (right
or wrong) I just don't know what to try next. I'm just looking for a
default, secure installation of ISA 2004 and have external access to RWW,
OWA, Outlook RPC, etc.
Thanks in advance
ChipW