Use the following procedures to configure the firewall settings in Internet Security and Acceleration (ISA) Server 2004 so that you can install Systems Center Essentials 2007 on a computer running Small Business Server Premium Edition.
To create a new access rule for the ` Service
-
Click Start, point to Programs, point to Microsoft ISA Server, and then click ISA Server Management.
-
Expand the Firewall Policy node under the desired computer in the navigation pane, and click Create Array Access Rule in the tasks pane.
- Name the access rule SCE Health Service, and click
Next.
- On the Rule Action page, select Allow and click
Next.
- In This rules applies to, select Selected
protocols and click Add.
- In the Add Protocols dialog box, click New, and
then click Protocol.
- In the New Protocol Definition Wizard, enter TCP
5723.
- On the Primary Connection Information page, click
New.
- On the New/Edit Protocol Information page, enter
5723 both in the From and To boxes, and click
OK.
- On the Primary Connection Information page, click
Next.
- On the Secondary Connections page, click
Next.
- On the Completing the New Protocol Definition Wizard
page, click Finish.
- Name the access rule SCE Health Service, and click
Next.
-
In the Add Protocols dialog box, expand the User-Defined folder, select TCP 5723, and click Add.
- Click Close to close the Add Protocols dialog
box.
- On the Protocols page of the New Access Rule
wizard, click Next.
- In the Access Rule Sources dialog box, click
Add.
- In the Add Protocols dialog box, expand the
Networks folder, select Internal, and click
Add.
- Select Local Host and click Add, and then click
Close.
- On the Access Rule Sources page of the New Access
Rule wizard, click Next.
- In the Add Network Entities dialog box, expand the
Networks folder, select Internal, and click
Add.
- Select Local Host and click Add, and then click
Close.
- On the Access Rule Destinations page of the New
Access Rule wizard, click Next.
- In the User Sets dialog box, click Next.
- On the Completing the New Access Rule Wizard page, click
Finish.
- Click Close to close the Add Protocols dialog
box.
To create new access rule for the System Center Essentials SDK Service
-
Click Start, point to Programs, point to Microsoft ISA Server, and then click ISA Server Management.
-
Expand the Firewall Policy node under the desired computer in the navigation pane, and click Create Array Access Rule in the tasks pane.
- Name the access rule SCE SDK Service and click
Next.
- On the Rule Action page, click Allow and click
Next.
- On the Protocols page, under This rules applies
to, select Selected protocols and click Add.
- In the Add Protocols dialog box, click New, and
click Protocol.
- In the New Protocol Definition Wizard, enter TCP
5724.
- On the Primary Connection Information page, click
New.
- On the New/Edit Protocol Information page, enter
5724 both in the From and To boxes, and click
OK.
- On the Primary Connection Information page, click
Next.
- On the Secondary Connections page, click
Next.
- On the Completing the New Protocol Definition Wizard
page, click Finish.
- Name the access rule SCE SDK Service and click
Next.
-
In the Add Protocols dialog box, expand the User-Defined folder, select TCP 5724, and click Add.
- Click Close to close the Add Protocols dialog
box.
- On the Protocols page of the New Access Rule
wizard, click Next.
- In the Access Rule Sources dialog box, click
Add.
- In the Add Protocols dialog box, expand the
Networks folder, select Internal and click
Add.
- Select Local Host and click Add, then click
Close.
- On the Access Rule Sources page of the New Access
Rule wizard, click Next.
- On the Access Rule Destinations page of the New
Access Rule wizard, click Add.
- In the Add Network Entities dialog box, expand the
Networks folder, select Internal, and click
Add.
- Under the Networks folder, click Internal and
click Add.
- Select Local Host and click Add, and then click
Close.
- On the Access Rule Destinations page of the New
Access Rule wizard, click Next.
- In the User Sets dialog box, click Next.
- Click Close to close the Add Protocols dialog
box.
-
On the Completing the New Access Rule Wizard page, click Finish.
To publish the WSUS Web server
-
Click Start, point to Programs, point to Microsoft ISA Server, and then click ISA Server Management.
-
Expand the Firewall Policy node in the navigation pane, and click Publish a Web Server in the tasks pane.
- Name the access rule SCE WSUS Web Server, and click
Next.
- On the Select Rule Action page, select Allow and
click Next.
- Name the access rule SCE WSUS Web Server, and click
Next.
-
In the Define Website to Publish dialog box, enter the Essentials 2007 server name in the Computer name or IP address box.
-
Enter
/*
in the Path box, and click Next. -
In the Public Name Details dialog box, enter the Essentials 2007 server name in the Public name text box and click Next.
-
In the Select Web Listener dialog box, click New.
- In the Welcome to the New Web Listener Wizard page,
enter SCE Web Listener and click Next.
- In the IP Addresses page, select the Internal and
Local Host check boxes and click Next.
- In the Welcome to the New Web Listener Wizard page,
enter SCE Web Listener and click Next.
-
On the Port Specification page of the New Web Listener Wizard, do the following:
- Select the Enable HTTP check box.
- Enter 8530 in HTTP port.
- Select the Enable SSL check box.
- Enter 8531 in SSL port.
- Click Select, select the certificate that matches the
hostname of the System Center Essentials server, and then click
OK.
- Click Next.
- Select the Enable HTTP check box.
-
On the Completing the New Web Listener Wizard page, click Finish.
-
In the Select Web Listener dialog box:
- Under Web Listener, select SCE Web Listener and
click Next.
- On the User Sets page, click Next.
- Under Web Listener, select SCE Web Listener and
click Next.
-
On the Completing the New Web Publishing Rule Wizard page, click Finish.
-
In the ISA Server 2004 console, right-click the SCE WSUS Web Server rule and click Properties.
- Click the To tab.
- Select Requests appear to come from the original
client.
- Click the Bridging tab.
- Enter
8530
in Redirect requests to the HTTP port.
- Select the Redirect requests to SSL port check box, and
enter
8531
.
- Click OK.
- Click the To tab.
-
In the ISA Server 2004 console, click Apply to save changes and update the configuration.