ISA Server and KB968078

a while ago Microsoft released a security patch for ISA Server regarding two vulnerabilities: ISA Server stops accepting new requests after you configure Web publishing, Web proxy, or Automatic discovery and A cross-site scripting vulnerability in ISA Server 2006 allows for redirection to malicious sites.
This Microsoft KB has started many threads on message boards about issues involving VPN and RDP protocols. Most of ISA admins know this problem, but none of them had a good workaround or solution.
The recommend action was to uninstall the security update. So, the services could still function as later. Of course, this was not the ideal workaround.
Today I was reading the message boards and find out one more thread about this problem, but it seems a member of message boards (Josh) came up with a solution. Check it out:
 1. Open the MMC for RRAS under Administrative Tools, right-click on the server name, and then click on Disable Routing and Remote Access. Click YES on the warning you get about having to reconfigure your RRAS. Then reboot the server again. When it comes up, it should enable RRAS again and establish the proper connections. At this point, I was able to VPN in, but not RDP.

2. To RDP, I had to access the Terminal Services Configuration MMC under Administrative Tools, and with the Connections folder highlighted in the left-hand column, double-click on the "RDP-Tcp" connection. Now go to the Network Adapter tab. In the filed that says Network Adapter, choose the NIC that is your Internal NIC only.

If you´re having this problem, it may worth follow this procedure.
For a complete view of full thread, go to:
Paulo Oliveira.
This entry was posted in ISA Server. Bookmark the permalink.

3 Responses to ISA Server and KB968078

  1. Larry says:

    You’re a genius. Thanks!

  2. Thiago says:

    Paulo, eu vou perder as configurações de vpns site-to-site ao desabilitar o rras?

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s