Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Blocking port 80 outbound to force users through a proxy

Status
Not open for further replies.

bdoub1eu

IS-IT--Management
Joined
Dec 10, 2003
Messages
440
Location
US
Hi all!

We recently added a proxy server into the mix...Changed the proxy settings on everyone's IE to point to the new server. We then blocked port 80 on the Netscreen 25 and created a policy above the block to allow the proxy out. That way, if anyone "unchecked" their proxy settings and bypass the proxy, they would not be able to access the internet. Now nobody is getting automtic updates from the Internet (I guess because AU uses port 80???) using the AU client. Is there anyway to block access to the internet but all the automatic update client to go out and get updates from Microsoft? This is the client part of automatic updates...Obviously they can open a browser and go to windowsupdate.com...

Any ideas? SUS is an option...Is there anything I can do in the firewall to block Internet access forcing people to use the proxy to surf but allow the Automatic updates client to access the internet to get updates?

Thanks in advance!
 
automatic updates should use the browsers proxy settings, not sure why its not working, whats the proxy you are using maybe thats why Auto updates isnt working.
I would deploy SUS and this not only gets rid of the problem but gives you central control of what updates get deployed
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top