Configure ISA for Symantec LiveUpdate

Configure ISA for Symantec LiveUpdate

By default, Microsoft Internet Security & Acceleation Server (ISA) will block any connection between internal and external network. If you have Symantec AntiVirus and it needs to update definition (or signature) from internet through ISA, The ISA will block the connection so that the program can’t update the definition.

The error message shows as “LU1814: LiveUpdate could not retrive the update list”.
LU1814: LiveUpdate could not retrive the update list


To solve the problem, you need to add rule on ISA to allow internal server to download definition from symantec’s liveupdate site.
In this example, I configure on ISA Server 2006.

  1. Open ISA Server Management and click on Firewall Policy.
  2. Create new access rule. On New Access Rule Wizard, name the rule as you want and click Next.
    Create New Access Rule
  3. On Rule Action, select Allow. Click Next.
    Select Allow on Rule Action
  4. On Protocols, add HTTP. Symantec AntiVirus uses HTTP protocol to update definitions.
    Select HTTP protocol
  5. On Access Rule Source, select the internal server that is going to download definition from internet.
    Select internal server for update definition
  6. On Access Rule Destination, create new site object pointing to “” and add to the destination.
    Set destination to ''
  7. On User Sets, leave it to All Users.
    Select All Users
  8. Click Finish to complete creating rule.
    Finish create firewall rule
  9. Apply the configuration on ISA by click on Apply.
    Apply the configuration
  10. Next, open Symantec’s liveupdate. Select Configure on Options menu.
    Configure Symantec Antivirus options
  11. On LiveUpdate Configuration, click on HTTP tab and set HTTP Proxy Settings to ISA Server name and port.
    Set HTTP Proxy to ISA server
  12. Test manual update and now you can update definition through ISA server.
    Test update again
  13. You can also observe log file on ISA whether ISA allows the update traffic or not.
    Observe log on ISA Server


  1. Danny May 28, 2008
  2. Angela June 6, 2008
  3. linglom June 6, 2008
  4. hasan June 16, 2008
  5. Qazzafi July 29, 2008
  6. irlan November 27, 2009
  7. GentleMan August 6, 2010
  8. point February 17, 2011

Leave a Reply