SBS03 Prem. ISA Firewall

I have just installed our SBSserverand we are trying to eliminate our firebox firewall with hopes of using ISA that came with SBS03. We have a seprate web server running mulitple public websites example (and SQL running on its own box) We now have them NAT'ed from the fire box. I have been told that ISA cannot NAT and that is dose not have a way of allowing a public website from any other machine that the sbs server. Since then ive been able to find web articles on NATing through SBS and a publishing wizard through ISA but nothing specificly what I have.

Thanks in adviance,
Phillip Smith Sr.
Technology Media Group
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Actually, I'd keep the firebox... why eliminate another level of protection?

By keeping it you can put your web server in a DMZ, on the perimiter of your network.  This is really the best practice for a web server... and ISA doesn't even have to deal with it.  But really, ISA can easily redirect a public website elsewhere.  Full overview of features (assuming you are using ISA2004, if you aren't it's in SBS SP1):

As for the additional SQL server, you need to add it according to the prescribed method:

Tork4840Author Commented:
Thanks for responding Jeff

The yearly watch gaurd subscription is up to 900 a year. There is no reporting and our ISP router has a manager firewall we are not using. We have been burnt with there support as well. 8-5 call you back within 4 hours from a guy that will just have to esculate buy the time you hear back from someone that can help we would have been better off blowing it up and rebuilding it. The web site will be moved evenuttally out side the ISA when the SQL is moved to it. The guy i replaced was a programmer so alot of websites are writtin with hard coded specific items. We will get the web sites rewrote and SQL moved as budget allows.

Did I make a mistake by installing all the service packs before installing ISA 2000 from the disk? Possibley you could point me in the direction of how to access ISA2004 from the servicepacks and the recomended way of redirecting a public site.

Alittle off subect but what dose it take to be concidered a Microsoft Certified Small Business Specialist? I have hired a local so called "Microsoft Certified Small Business Specialist" shop that was recomended on microsofts web site and they have been out 3 times with between 2 diffrent guys that didnt know to much about SBS let alone ISA. The first guy had his nose stuck in a SBS book the both times he was here untill I ran him off  left more problems than he was even hear to fix and the new one seems to know more about it but he is the same that told me i couldnt have a public website inside ISA.
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Well, that makse sense... I foreget about their subscription fees... I don't use the product personally.

I'd still suggest that you use a hardware firewall between the server and the Internet.  The advantage still is the ability to segment out your web server to a DMZ.  One that i particularly like these days is the LINKSYS RV series because of it's dual WAN capability... making it easy to put the web server on it's on external IP if you want.

You didn't make a mistake about installing service packs... do you have the three disk set for SP1?  If not you need to order it.  Info at  ISA2004 is only available by ordering the CD's, and it's on CD3.

It only takes ONE MCP exam to become a Microsoft Small Business Specialist... so you do need to be a bit weary of the label.  However, there are also some VERY good MSBS's out there... I'd ask if the tech themselves is the MSBS.  I'm not sure who you were referring to, but thanks to Google, I'm guessing you are in the Dallas area?  If so, an MSBS with a rather good reputation in the Small Business Server community is Eriq O. Neale who wrote the Small Business Server Unleashed books.  His firm is  (and if that's who you were referring to, give Eriq a call and let him know what you think).



Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Tork4840Author Commented:
No i was not using Eric but i have added him on my list of possible resources.

Is this all i need to do to get this issue resolved?
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.