How-to move ISA server 2004 to a new server

We've been having hardware difficulties with our existing ISA 2004 server.  It's installed on Windows 2003 server.  The decision has been made to purchase a new HP branded Windows 2003 server with ISA pre-installed.  We want to move the existing server / ISA config to the new hardware as seamlessly as possible.  We've got the new hardware in hand, but are a little short on documentation as to how to perform this procedure.  Since the current ISA server handles all Internet traffic for 14 office locations and VPNs from several offices, we'd like to pre-configure the new server off-line as much as possible before we attempt the actual install.  Naturally, we want to configure the new server with the same IP config, same server name, same routing info, etc.  What little procedure we've been able to develop so far is as follows:

ISA server move:
Prep:
- extract all config info from current server ( OS, routing, VPN, ISA, surfcontrol, etc. ).  Disk cfg is c:=10GB, D:=26GB, mirrored.
- gather all required software CDs, license info
- setup new server off-line - Apply SPs to OS, install required services ( i.e. Term serv, etc )
- Harden server 2003 OS.
- apply patches, set interfaces to internal / external with exact IP addresses from previous ISA server.  Physically identify which interface is int / ext for connection purposes.
- install Surf-control

Saturday – live migration:
-      remove current server from Domain, remove server/computer object, disconnect from network
-      Force AD policy sync ???
-      Move Digi board to new server. Install drvrs.
-      Connect new server to network, add to domain with same computer name, IP config, routing
-      setup RRAS from prev config info.
-      Setup TS from prev cfg info.
-      load exported config file backup for ISA, surfcontrol
-      set auto updates to dload, but not auto install.


Naturally, these are the broad strokes.  We need some help with the sequence of tasks as well as task details.  If anyone can help us fill in the blanks or refer us to detailed docuemntation for this procedure, it would be most appreciated.

Thanks, Bob
ramc621Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Keith AlabasterEnterprise ArchitectCommented:
Sounds cool. Don't forget antivirus etc.

I would remove the existing server on the Friday night so AD will have already replicated and be clean ready for the addition on the Saturday but that is just personal methods rather than a requirement.

You may want to review your cache settings if the drive sizes are going to be different.
If you are already on ISA2004 sp2 then fine. If not, make sure you restore the ISA config at the same patch level as you are on now and then apply the ISA service packs etc afterwards.

making a note of speed/duplex settings on the network cards won't hurt either.

In addition, i would not harden the OS until after I had ISA configured and up and running; again personal choice but I have had an occasional hiccup with the hardened OS not allowing certain config changes (restores) as the OS no longer allows that scenario.

Apart from that, you have it covered as far as I can see.

regards
Keith
0
ramc621Author Commented:
Let's not close that just yet.  We've been busy with other pressing issues and this operation was put on a temporary hold.
We have attempted to restore the backed up ISA config file from the current server to the new HP ISA appliance and it errors out each time with a message " import failed: the name already exists".
The first thing we did was add the new ISA server to the domain. We set up a different IP adrs for the internal interface since the current server is still in production.  The internal i nterface is connected to the network, but not the external.  We then configured the external interf with the exact settings as the current server.
We manipulated the XML backup file by replacing the name of the current server with the name of the new server.  

ANy ideas?

Bob
0
Keith AlabasterEnterprise ArchitectCommented:
This is a different ballgame. The export will hold all of the info including names of the ISA servers and ID's. You cannot just edit the XML file alone. It is detecting (I believe) the original ISA server.
Have you tried doing this off the network and then importing the file?
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.