ramc621
asked on
How-to move ISA server 2004 to a new server
We've been having hardware difficulties with our existing ISA 2004 server. It's installed on Windows 2003 server. The decision has been made to purchase a new HP branded Windows 2003 server with ISA pre-installed. We want to move the existing server / ISA config to the new hardware as seamlessly as possible. We've got the new hardware in hand, but are a little short on documentation as to how to perform this procedure. Since the current ISA server handles all Internet traffic for 14 office locations and VPNs from several offices, we'd like to pre-configure the new server off-line as much as possible before we attempt the actual install. Naturally, we want to configure the new server with the same IP config, same server name, same routing info, etc. What little procedure we've been able to develop so far is as follows:
ISA server move:
Prep:
- extract all config info from current server ( OS, routing, VPN, ISA, surfcontrol, etc. ). Disk cfg is c:=10GB, D:=26GB, mirrored.
- gather all required software CDs, license info
- setup new server off-line - Apply SPs to OS, install required services ( i.e. Term serv, etc )
- Harden server 2003 OS.
- apply patches, set interfaces to internal / external with exact IP addresses from previous ISA server. Physically identify which interface is int / ext for connection purposes.
- install Surf-control
Saturday – live migration:
- remove current server from Domain, remove server/computer object, disconnect from network
- Force AD policy sync ???
- Move Digi board to new server. Install drvrs.
- Connect new server to network, add to domain with same computer name, IP config, routing
- setup RRAS from prev config info.
- Setup TS from prev cfg info.
- load exported config file backup for ISA, surfcontrol
- set auto updates to dload, but not auto install.
Naturally, these are the broad strokes. We need some help with the sequence of tasks as well as task details. If anyone can help us fill in the blanks or refer us to detailed docuemntation for this procedure, it would be most appreciated.
Thanks, Bob
ISA server move:
Prep:
- extract all config info from current server ( OS, routing, VPN, ISA, surfcontrol, etc. ). Disk cfg is c:=10GB, D:=26GB, mirrored.
- gather all required software CDs, license info
- setup new server off-line - Apply SPs to OS, install required services ( i.e. Term serv, etc )
- Harden server 2003 OS.
- apply patches, set interfaces to internal / external with exact IP addresses from previous ISA server. Physically identify which interface is int / ext for connection purposes.
- install Surf-control
Saturday – live migration:
- remove current server from Domain, remove server/computer object, disconnect from network
- Force AD policy sync ???
- Move Digi board to new server. Install drvrs.
- Connect new server to network, add to domain with same computer name, IP config, routing
- setup RRAS from prev config info.
- Setup TS from prev cfg info.
- load exported config file backup for ISA, surfcontrol
- set auto updates to dload, but not auto install.
Naturally, these are the broad strokes. We need some help with the sequence of tasks as well as task details. If anyone can help us fill in the blanks or refer us to detailed docuemntation for this procedure, it would be most appreciated.
Thanks, Bob
ASKER
Let's not close that just yet. We've been busy with other pressing issues and this operation was put on a temporary hold.
We have attempted to restore the backed up ISA config file from the current server to the new HP ISA appliance and it errors out each time with a message " import failed: the name already exists".
The first thing we did was add the new ISA server to the domain. We set up a different IP adrs for the internal interface since the current server is still in production. The internal i nterface is connected to the network, but not the external. We then configured the external interf with the exact settings as the current server.
We manipulated the XML backup file by replacing the name of the current server with the name of the new server.
ANy ideas?
Bob
We have attempted to restore the backed up ISA config file from the current server to the new HP ISA appliance and it errors out each time with a message " import failed: the name already exists".
The first thing we did was add the new ISA server to the domain. We set up a different IP adrs for the internal interface since the current server is still in production. The internal i nterface is connected to the network, but not the external. We then configured the external interf with the exact settings as the current server.
We manipulated the XML backup file by replacing the name of the current server with the name of the new server.
ANy ideas?
Bob
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I would remove the existing server on the Friday night so AD will have already replicated and be clean ready for the addition on the Saturday but that is just personal methods rather than a requirement.
You may want to review your cache settings if the drive sizes are going to be different.
If you are already on ISA2004 sp2 then fine. If not, make sure you restore the ISA config at the same patch level as you are on now and then apply the ISA service packs etc afterwards.
making a note of speed/duplex settings on the network cards won't hurt either.
In addition, i would not harden the OS until after I had ISA configured and up and running; again personal choice but I have had an occasional hiccup with the hardened OS not allowing certain config changes (restores) as the OS no longer allows that scenario.
Apart from that, you have it covered as far as I can see.
regards
Keith