SBS 2000 Updates on Server

Discussion in 'NOD32 version 2 Forum' started by Wodahs, May 5, 2005.

Thread Status:
Not open for further replies.
  1. Wodahs

    Wodahs Registered Member

    Joined:
    Apr 15, 2004
    Posts:
    15
    I have had NOD32 on my client machines on an SBS 2000 newtwork for about a year now. They all work fine and I have no difficulty with getting updates.

    I just upgraded my subscriptions and am now trying to install nod32 on the SBS 2000 server. It installs fine and I did find out somethings I need to know in this post:

    https://www.wilderssecurity.com/archive/index.php/t-55610.html

    But... I can't seem to get it to update. I have tried every combination of proxy / no proxy that I can think of. With no luck.

    Time Module Event User
    5/5/2005 18:52:40 PM Update Update attempt failed (Server connection failure) SERVER\Admin

    I have also tried steps 1 and 4 here:

    http://support.microsoft.com/?kbid=295667
    (I did not start and stop any services when I tried these, did I need to?)

    Anyone have any ideas on what to do to make this work?

    Any help greatly appreciated.
     
  2. YeOldeStonecat

    YeOldeStonecat Registered Member

    Joined:
    Apr 25, 2005
    Posts:
    2,345
    Location:
    Along the Shorelines somewhere in New England
    Are you running ISA on your SBS box? Just did an SBS2K3 install this week, and another coming up next week..but I'm running these two single homed, no ISA.

    I run SBS2K at home to.

    I'm kinda tired of ISA 2K...waiting for SBS2K3 sp1 to come out so it better integrates with ISA 2K4
     
  3. Wodahs

    Wodahs Registered Member

    Joined:
    Apr 15, 2004
    Posts:
    15
    Yes.

    The sever has always seemed to behave a bit differently when connecting to the internet then the clients. I've never had any real explantaion as to why this is. For instance... I can ping an internet IP address from the Server... but if I try and ping an internet address from a client, all I get is a request timed out error.

    Since this copy of NOD32 is on the server, I'm not sure where it is being blocked.
     
  4. Wodahs

    Wodahs Registered Member

    Joined:
    Apr 15, 2004
    Posts:
    15
    bump... anyone have any ideas?
     
  5. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    With this issue can you please send an email to support@nod32.com and place a link to this thread. If you do not hear from Eset within 3 days (allows for weekends), please advise us here...

    We would appreciate if you could keep us in the loop with your progress, as we all learn this way…

    Cheers :D
     
  6. YeOldeStonecat

    YeOldeStonecat Registered Member

    Joined:
    Apr 25, 2005
    Posts:
    2,345
    Location:
    Along the Shorelines somewhere in New England
    If you're running ISA2000, I used to protocol rules in ISA just for Symantec Corp Edition.

    isaserver.org used to have a setup guide thread about it....which is no longer there. Not, it's not one of the 2 articles you'll find if you look there right now (I just did)...but anyways, guessing the updater for NOD also needs protocol rules created for it. You'd create an access policy object for the server, and create protocol rules to allow FTP and HTTP access to the LAN IP of the server.

    What concerns me though, is that you say browsing from the server seems different than the workstations...should not be the case. I'm wondering how TCP is setup, on both the WAN NIC, and the LAN NIC. And the ever important DNS. SBS needs to be setup precisely, especially when running multi homed with ISA.

    And...so you have the updates for ISA? There was a service pack and feature pack.
     
  7. Wodahs

    Wodahs Registered Member

    Joined:
    Apr 15, 2004
    Posts:
    15
    Thanks Blackspear, I do have a support ticket open with them, but they seemed to be having trouble figuring this one out. So I decided to check around, I also have asked about this in the SBS newsgroups (no response) I will inform support about this thread and will post what the solution was when it is found. I was also looking at opening a thread at isaserver.org.

    YeOldeStonecat, first off, thanks for your help in this matter.

    The one difference I see browsing I think is normal. I have to use localhost instead of servername to access the intrAnet. The other difference however... isn't really browsing... but may indicate that ISA is being bypassed somehow. I cannot ping an internet address or IP from my client machines. I can however ping an internet addresses and IPs from the server, I'm not sure if it should be that way... or something is setup wrong.

    My SBS setup was a fresh install with settings transfered from an older 4.5 SBS per the white paper on how to do that. I have run IIS lockdown, and installed the service packs that MBSA has informed me about. I really haven't touched the default ISA or NIC configuration other than to setup a few services I wanted. (Time services for example) I will check my ISA service packs later today.

    Both NICs do run TCP, the internal net is running on TCP. I thought that was a fairly normal setup. I will look at the bindings and see if something looks wrong, and report what I find.

    I tried the All/All/All rule from here http://support.microsoft.com/?kbid=295667 but I'm not sure if I need to stop and start any service, or if it takes time for it take effect. I removed it after testing. And here is another difference thing... The current rules allow my clients to get updates... so why not the server?
     
  8. YeOldeStonecat

    YeOldeStonecat Registered Member

    Joined:
    Apr 25, 2005
    Posts:
    2,345
    Location:
    Along the Shorelines somewhere in New England
    Actually now that I think about it....I believe within the past year I was running my home SBS box multi-homed, through ISA. I fiddle with my home network all the time as I change things, test various routers, etc etc. I've been running NOD enterprise (mirror on server to manage clients), I'm pretty sure I was running it at the time of doing multi-homed, and I don't recall doing any special ISA settings.

    Lets review the TCP setup first....to make sure your SBS server is setup fine, because the fact that you mention the server acts oddly makes me wonder.

    So you're multi-homed. OK. Are you also behind a NAT router on the WAN NIC?

    Here's an example of how I setup multi-homed rigs...
    Routers LAN IP is 192.168.0.1
    Servers WAN NIC:
    IP 192.168.0.11
    SNM 255.255.255.0
    Gateway 192.168.0.1
    DNS 192.168.0.11 or 192.168.1.11 (doesn't matter, long as it's IP address of server)
    WINS leave empty

    No services are bound..only Internet Protocol TCP/IP is checked

    Servers LAN NIC
    IP 192.168.1.11
    SNM 255.255.255.0
    Gateway leave emtpy
    DNS 192.168.1.11
    WINS 192.168.1.11

    All services are bound

    DNS server properities..forwarding done to your ISPs 2x DNS servers.

    Binding orders under advanced settings of LAN NIC, should be a top of list

    Wondering if the LAT is fine.

    *Caution*...if you don't think the server is setup correctly based on this..don't go changing things nilly willy, bad things will happen unless you address a whole lot of other things at the time of change.
     
  9. Wodahs

    Wodahs Registered Member

    Joined:
    Apr 15, 2004
    Posts:
    15
    You got it... It was the provider order! Changed that and the update went right through. The NIC for my WAN was listed before the NIC for my LAN so some Internet requests such as ping were being routed to the WAN card and going straight out to the net. It appears that Internet Explorer and SUS somehow knew to use the proxy directly. Ping is now disabled and //servername now brings up the local web pages.

    I also had everything checked on the WAN card under properties, so I unchecked all but TCP/IP now everything under bindings for the WAN card in advanced setting is unchecked. I've tested Exchange, SUS and Internet access and everything looks good.

    Thankyou so much for your help on this!!!!!!!!!!!!!!!!!!!!!
     
  10. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Good to see that you have found a solution, and thanks for reporting back, as we all learn this way...

    Cheers :D
     
  11. YeOldeStonecat

    YeOldeStonecat Registered Member

    Joined:
    Apr 25, 2005
    Posts:
    2,345
    Location:
    Along the Shorelines somewhere in New England
    Good to hear, glad to help. A lot of peeps get discouraged with SBS, tis a fantastic package IMO, but can be daunting, and it's picky about being setup correctly.

    Are you running that WAN NIC behind a router?
     
  12. Wodahs

    Wodahs Registered Member

    Joined:
    Apr 15, 2004
    Posts:
    15
    Yes it's behind a NAT router, and it is the only thing plugged into that router. The NAT router gives me an extra shield, if the port is closed on the router (all the ones I'm not using are closed) and I have something set wrong on the server I still have a degree of protection.

    I have been carefull about messing around with the default setup of SBS, I figure I'm in the "knows enough to be truely dangerous catagory on SBS." I basically alowed setup to do the basic setup for me, followed the instructions for completing the setup, and have used MBSA to check for holes. I have closed other holes like the ones we just found if/when I have found them. If I make a change to the server I reaserch that specific change first to ensure that I understand the ramifications. And basically the thing just runs, and runs smoothly. Compared to the Linux server I've had to deal with lately my SBS server is a dream. Way easier to use and maintain, and much more stable.
     
Thread Status:
Not open for further replies.