Year: 2007

Link Translation (LT) is not a new function in ISA Server 2006, but it is the first implementation that is fully supported. The LT function is a Swiss army knife in a lot of situations. See the following notes from the field, where we solved a very complex business problem with it. For more information…

Note from isablog: Our blog is now accepting postings from Microsoft MVPs. We’ve discussed firewall policy in this space before, but there’s nothing like the voice of an ISA Server enthusiast and MVP from China who deals with firewall policy every day. Read these tips, and then see Best Practices Firewall Policy for ISA Server…

Recently Microsoft released Service Pack (SP) 2 for Windows Server 2003 (http://www.microsoft.com/technet/windowsserver/sp2.mspx). We tested ISA Server with the Windows service pack quite extensively. Unfortunately we discovered after the release of the Windows service pack that there are several issues that have potential ill-effects on ISA Server. This blog summarizes the currently known issues, and suggestions…

Introduction   In certain scenarios, you may want or need to install the Configuration Storage server on a domain controller. In that scenario, the most secure configuration is to configure the Configuration Storage server to run with USER privilege. See this snippet from the ISA Server Getting Started Guide:   Getting started Guide (Installing the…

As you know, ISA Server has a reporting feature. However, sometimes you may find that the report doesn’t contain any traffic. The number of requests, bytes-in and bytes out are all 0. This article will discuss the causes of these problems in ISA Server 2004 and ISA Server 2006.   To troubleshoot this issue, you…

Upgrading from ISA Server 2004 Enterprise Edition to ISA Server 2006 Enterprise Edition is a very easy task. Our official upgrade guide is useful and clear. In a nutshell, the upgrade path is the following (for the detailed steps, PLEASE read the upgrade guide, which is available at http://www.microsoft.com/technet/isa/Server 2006/Upgrade_Guide_EE.mspx): 1.      Export the ISA Server…

When configuring Remote Access VPN, you have two options on how to assign IP addresses to connecting computer DHCP and Static Pool.   DHCP When you assign an address via DHCP, you can also provide DNS and WINS (and many other settings) configuration along with the IP address. This ensures that when the user needs…

Introduction   I received a support call a few days ago from a customer saying that he has an environment where all users from the Front Desk need to log on to their workstations using one particular domain account called frontdesk. Those users are not allowed to access the Internet. On the customer’s ISA Server…

  Sometimes you get an error message in the ISA Server logs for which you can’t find any information, not in a KB, not on MSDN, not in the ISA Server SDK, or even in your favorite search engine. If the error code looks something like 0x80074E23 – the key here being that it starts…

When planning, developing, or evolving a Server and Domain Isolation solution based on Microsoft® Windows® IPsec and Microsoft® Active Directory®, you may want to include computers that are not able to support IPsec standards. You can use ISA Server as an IPsec gateway between IPsec-enabled and non-IPsec computers/networks. ISA Server is ideally suited for the…