Following the advice of gurus in the newsgroup, the internet connection has been removed from the SBS 2000 and terminated on a XP node. Kindly advise on the following:
1.. if the Microsoft Firewall Client is still required to be run on the XP hosting the internet connection?
2.. how does one update the virus definitions for the Norton Corporate Antivirus installed on the SBS 2000?
Thanking you in anticipation.

Rajiv Khandelwal

Dr. Khandelwal... exactly how is Internet connectivity being set up?

http://www.smallbizserver.net click on network setups. How is your
network physically set up?

Rajiv Khandelwal, M. D. wrote:

> Following the advice of gurus in the newsgroup, the internet connection
> has been removed from the SBS 2000 and terminated on a XP node. Kindly
> advise on the following:
>
> 1. if the Microsoft Firewall Client is still required to be run on
> the XP hosting the internet connection?
> 2. how does one update the virus definitions for the Norton Corporate
> Antivirus installed on the SBS 2000?
>
> Thanking you in anticipation.
>
> Rajiv Khandelwal

--
http://www.sbslinks.com/really.htm

Susan,

Thanks for your reply. I have two NIC cards on the XP and one NIC is for the
internet through a EXE file provided by the ISP.

I had a problem with the internet terminating on my SBS 2000 and thereafter
this method has been used.

Rajiv Khandelwal
------------------------------------
www.vardaan.net
"Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]" >
wrote in message ...
> Dr. Khandelwal... exactly how is Internet connectivity being set up?
>
> http://www.smallbizserver.net click on network setups. How is your
> network physically set up?
>
> Rajiv Khandelwal, M. D. wrote:
>
> > Following the advice of gurus in the newsgroup, the internet connection
> > has been removed from the SBS 2000 and terminated on a XP node. Kindly
> > advise on the following:
> >
> > 1. if the Microsoft Firewall Client is still required to be run on
> > the XP hosting the internet connection?
> > 2. how does one update the virus definitions for the Norton Corporate
> > Antivirus installed on the SBS 2000?
> >
> > Thanking you in anticipation.
> >
> > Rajiv Khandelwal
>
> --
> http://www.sbslinks.com/really.htm
>

Rajiv,

I'd suggest you install that ISP connector App on a cheap PC between your
ISP and the SBSserver's WAN NIC ( it will be the equivalent of a
FW/Router ).

You -do- need an aggressively effective and granular firewall so I'm
sure -no- responsible "Guru" or other poster in the SBS Newsgroups would
have told you to disable ISA in the absence of an equivalent in place
stand-in. ( and you have already suffered the consequences of such an
action ) In fact we -do- know different, (that you have been told this
time and again), don't we Rajiv ? ...so please don't post such nonsense
again. Others might believe you and find themselves hacked as you were,
.....and that would be very bad Karma.

--
Henry Craven.

========= Post It Appropriately: ============
SBS 4/4.5 : microsoft.public.backoffice.smallbiz
SBS 2000 : microsoft.public.backoffice.smallbiz2000
SBS 2003 : microsoft.public.windows.server.sbs
=====================================

"Rajiv Khandelwal, M. D." > wrote in message
...
> Susan,
>
> Thanks for your reply. I have two NIC cards on the XP and one NIC is
for the
> internet through a EXE file provided by the ISP.
>
> I had a problem with the internet terminating on my SBS 2000 and
thereafter
> this method has been used.
>
> Rajiv Khandelwal
> ------------------------------------
> www.vardaan.net

You may find this helpful.

Using Windows 2000 as a Home or Small Business Gateway

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/windows2000serv/deploy/depopt/w2kgate.asp

modify it to suite the SBS environment.
( DHCP Client only on the Gateway Box ( and only if your ISP assigns you
a Dynamic IP address, and the SBServer between the Box and the LAN
Switch/Hub )

--
Henry Craven.

========= Post It Appropriately: ============
SBS 4/4.5 : microsoft.public.backoffice.smallbiz
SBS 2000 : microsoft.public.backoffice.smallbiz2000
SBS 2003 : microsoft.public.windows.server.sbs
=====================================

"Henry Craven" > wrote in message
...
> Rajiv,
>
> I'd suggest you install that ISP connector App on a cheap PC between
your
> ISP and the SBSserver's WAN NIC ( it will be the equivalent of a
> FW/Router ).
>
> You -do- need an aggressively effective and granular firewall so I'm
> sure -no- responsible "Guru" or other poster in the SBS Newsgroups
would
> have told you to disable ISA in the absence of an equivalent in place
> stand-in. ( and you have already suffered the consequences of such an
> action ) In fact we -do- know different, (that you have been told this
> time and again), don't we Rajiv ? ...so please don't post such nonsense
> again. Others might believe you and find themselves hacked as you were,
> ....and that would be very bad Karma.
>
> --
> Henry Craven.
>
> ========= Post It Appropriately: ============
> SBS 4/4.5 : microsoft.public.backoffice.smallbiz
> SBS 2000 : microsoft.public.backoffice.smallbiz2000
> SBS 2003 : microsoft.public.windows.server.sbs
> =====================================
>
> "Rajiv Khandelwal, M. D." > wrote in message
> ...
> > Susan,
> >
> > Thanks for your reply. I have two NIC cards on the XP and one NIC is
> for the
> > internet through a EXE file provided by the ISP.
> >
> > I had a problem with the internet terminating on my SBS 2000 and
> thereafter
> > this method has been used.
> >
> > Rajiv Khandelwal
> > ------------------------------------
> > www.vardaan.net
>
>

Henry,

I think that you have got everything wrong. Where have I mentioned that I
have disabled ISA or the Firewall?

What I am saying is that I have removed the internet connection from the SBS
2000.and put it on a node, which is what you are mentioning.

Rajiv Khandelwal
------------------------------------
www.vardaan.net
"Henry Craven" > wrote in message
...
> Rajiv,
>
> I'd suggest you install that ISP connector App on a cheap PC between your
> ISP and the SBSserver's WAN NIC ( it will be the equivalent of a
> FW/Router ).
>
> You -do- need an aggressively effective and granular firewall so I'm
> sure -no- responsible "Guru" or other poster in the SBS Newsgroups would
> have told you to disable ISA in the absence of an equivalent in place
> stand-in. ( and you have already suffered the consequences of such an
> action ) In fact we -do- know different, (that you have been told this
> time and again), don't we Rajiv ? ...so please don't post such nonsense
> again. Others might believe you and find themselves hacked as you were,
> ....and that would be very bad Karma.
>
> --
> Henry Craven.
>
> ========= Post It Appropriately: ============
> SBS 4/4.5 : microsoft.public.backoffice.smallbiz
> SBS 2000 : microsoft.public.backoffice.smallbiz2000
> SBS 2003 : microsoft.public.windows.server.sbs
> =====================================
>
> "Rajiv Khandelwal, M. D." > wrote in message
> ...
> > Susan,
> >
> > Thanks for your reply. I have two NIC cards on the XP and one NIC is
> for the
> > internet through a EXE file provided by the ISP.
> >
> > I had a problem with the internet terminating on my SBS 2000 and
> thereafter
> > this method has been used.
> >
> > Rajiv Khandelwal
> > ------------------------------------
> > www.vardaan.net
>
>

Yes and currently you have no ISA between you ....how are you sharing
that connection? And what firewall do you currently have in place? Is
this a satellite connection that comes into that XP that then should be
stuck in front of SBS2000?

If that XP is a member of the domain and is doing the sharing of the
Internet...what protection do you have?


Internet connection >> into the server >> workstations

Is the preferred way.. you sandwich that Server as protection between
teh Internet and the workstations


not

Internet connection >>into workstation >> shared to server/workstation


Dr. Khandelwal go to www.smallbizserver.net click on network setups. Is
there a reason that you cannot follow the setups on those pages?




Rajiv Khandelwal, M. D. wrote:

> Henry,
>
> I think that you have got everything wrong. Where have I mentioned that I
> have disabled ISA or the Firewall?
>
> What I am saying is that I have removed the internet connection from the SBS
> 2000.and put it on a node, which is what you are mentioning.
>
> Rajiv Khandelwal
> ------------------------------------
> www.vardaan.net
> "Henry Craven" > wrote in message
> ...
>
>>Rajiv,
>>
>>I'd suggest you install that ISP connector App on a cheap PC between your
>>ISP and the SBSserver's WAN NIC ( it will be the equivalent of a
>>FW/Router ).
>>
>>You -do- need an aggressively effective and granular firewall so I'm
>>sure -no- responsible "Guru" or other poster in the SBS Newsgroups would
>>have told you to disable ISA in the absence of an equivalent in place
>>stand-in. ( and you have already suffered the consequences of such an
>>action ) In fact we -do- know different, (that you have been told this
>>time and again), don't we Rajiv ? ...so please don't post such nonsense
>>again. Others might believe you and find themselves hacked as you were,
>>....and that would be very bad Karma.
>>
>>--
>>Henry Craven.
>>
>>========= Post It Appropriately: ============
>>SBS 4/4.5 : microsoft.public.backoffice.smallbiz
>>SBS 2000 : microsoft.public.backoffice.smallbiz2000
>>SBS 2003 : microsoft.public.windows.server.sbs
>>=====================================
>>
>>"Rajiv Khandelwal, M. D." > wrote in message
...
>>
>>>Susan,
>>>
>>>Thanks for your reply. I have two NIC cards on the XP and one NIC is
>>
>>for the
>>
>>>internet through a EXE file provided by the ISP.
>>>
>>>I had a problem with the internet terminating on my SBS 2000 and
>>
>>thereafter
>>
>>>this method has been used.
>>>
>>>Rajiv Khandelwal
>>>------------------------------------
>>>www.vardaan.net
>>
>>
>
>

--
http://www.sbslinks.com/really.htm

Humble apologies Rajiv.
I totally mis-read. ( ...and for the life of me now I can't see how as
you state things pretty clearly. I should definitely re-read and ensure
I've posted directly to the question before I send. Apologies again. )

So let me address this some more.

Placing the Internet connection on a node inside the LAN bypasses ISA and
makes you as vulnerable as being without it.

I'd definitely suggest you use the setup I described:

ISP
|
External NIC
Bridge/Router/Firewall
( can be a PC if needs be so as to - as in your case - host specific ISP
connection Application )
Internal NIC
|
WAN NIC
SBS with ISA Configured & Enabled
LAN NIC
|
Switch/Hub
| | | |
LAN Workstations.

So, to be specific to your questions,

1. As the PC Hosting the ISP's Connector is -outside- the LAN it does not
need the ISA Client

2. AFAIK Norton LiveUpdate uses FTP:
Outbound port: 21
Inbound port: 20

So you'll need to open ports 20 & 21 Appropriately in ISA

There used to be a problem with their using a POPproxy that had to have
port 110 open, but I'm not sure if that's still the case. - You may wish
to contact Symantec and check on these matters.

--
Henry Craven.

========= Post It Appropriately: ============
SBS 4/4.5 : microsoft.public.backoffice.smallbiz
SBS 2000 : microsoft.public.backoffice.smallbiz2000
SBS 2003 : microsoft.public.windows.server.sbs
=====================================
"Rajiv Khandelwal, M. D." > wrote in message
...
> Henry,
>
> I think that you have got everything wrong. Where have I mentioned that
I
> have disabled ISA or the Firewall?
>
> What I am saying is that I have removed the internet connection from
the SBS
> 2000.and put it on a node, which is what you are mentioning.
>
> Rajiv Khandelwal
> ------------------------------------

I should say "is there a technical reason"?

Like some service or setup that won't run on the SBS or router?

Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] wrote:
> Yes and currently you have no ISA between you ....how are you sharing
> that connection? And what firewall do you currently have in place? Is
> this a satellite connection that comes into that XP that then should be
> stuck in front of SBS2000?
>
> If that XP is a member of the domain and is doing the sharing of the
> Internet...what protection do you have?
>
>
> Internet connection >> into the server >> workstations
>
> Is the preferred way.. you sandwich that Server as protection between
> teh Internet and the workstations
>
>
> not
>
> Internet connection >>into workstation >> shared to server/workstation
>
> Dr. Khandelwal go to www.smallbizserver.net click on network setups. Is
> there a reason that you cannot follow the setups on those pages?
>
>
>
>
> Rajiv Khandelwal, M. D. wrote:
>
>> Henry,
>>
>> I think that you have got everything wrong. Where have I mentioned that I
>> have disabled ISA or the Firewall?
>>
>> What I am saying is that I have removed the internet connection from
>> the SBS
>> 2000.and put it on a node, which is what you are mentioning.
>>
>> Rajiv Khandelwal
>> ------------------------------------
>> www.vardaan.net
>> "Henry Craven" > wrote in message
>> ...
>>
>>> Rajiv,
>>>
>>> I'd suggest you install that ISP connector App on a cheap PC between
>>> your
>>> ISP and the SBSserver's WAN NIC ( it will be the equivalent of a
>>> FW/Router ).
>>>
>>> You -do- need an aggressively effective and granular firewall so I'm
>>> sure -no- responsible "Guru" or other poster in the SBS Newsgroups would
>>> have told you to disable ISA in the absence of an equivalent in place
>>> stand-in. ( and you have already suffered the consequences of such an
>>> action ) In fact we -do- know different, (that you have been told this
>>> time and again), don't we Rajiv ? ...so please don't post such nonsense
>>> again. Others might believe you and find themselves hacked as you were,
>>> ....and that would be very bad Karma.
>>>
>>> --
>>> Henry Craven.
>>>
>>> ========= Post It Appropriately: ============
>>> SBS 4/4.5 : microsoft.public.backoffice.smallbiz
>>> SBS 2000 : microsoft.public.backoffice.smallbiz2000
>>> SBS 2003 : microsoft.public.windows.server.sbs
>>> =====================================
>>>
>>> "Rajiv Khandelwal, M. D." > wrote in message
>>> ...
>>>
>>>> Susan,
>>>>
>>>> Thanks for your reply. I have two NIC cards on the XP and one NIC is
>>>
>>>
>>> for the
>>>
>>>> internet through a EXE file provided by the ISP.
>>>>
>>>> I had a problem with the internet terminating on my SBS 2000 and
>>>
>>>
>>> thereafter
>>>
>>>> this method has been used.
>>>>
>>>> Rajiv Khandelwal
>>>> ------------------------------------
>>>> www.vardaan.net
>>>
>>>
>>>
>>
>>
>

--
http://www.sbslinks.com/really.htm