How to setup ISA Server

what is the best way to setup ISA
joebroncoAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

tomcahillCommented:
insert the disc, run the installer.

Seriously though, what do you mean?  

I normally install it behind a hardware router/firewall.  
0
joebroncoAuthor Commented:
what is the best way to setup ISA when cisco router and a sonicwal is being used
0
tomcahillCommented:
Cisco Router, Sonic Wall, ISA
0
Firewall Management 201 with Professor Wool

In this whiteboard video, Professor Wool highlights the challenges, benefits and trade-offs of utilizing zero-touch automation for security policy change management. Watch and Learn!

SCarrisonCommented:
Honestly?  Don't bother, its an awful product

However, if you must:

http://technet.microsoft.com/en-us/library/cc302471.aspx
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Keith AlabasterEnterprise ArchitectCommented:
Joe, I need to understand the question a little more on what you are trying to do here.
You don't mention any details - what version of SBS and ISA do you have? SBS2000 had ISA2000 - so did SBS2003 unless you had the SBS2003 CD pack from service pack 1 which gave you the CD's for ISA2004 - what have you got?

The list of equipment, to be frank is overkill. ISA (any version) was the best firewall/application-gateway combination in the world and the version that came with SBS was designed to use all of the inbuilt wizards etc to configure itself with enough basic rules to allow everything to work. ie Companyweb, RWW, OWA etc. However, if you already have a Cisco router & Sonicwall, apart from proxy, I am not sure what ISA will add for you.

Does your SBS box have one or two nics installed? Are you wanting to use ISA as a proxy/firewall or just proxy?
As you can see, your brief question does not give a lot to work with.....

Keith
ISA MVP
0
shareditCommented:
As everyone has pointed out this is a very vague question.  but if you were going to use ISA for vpn authentication this might help you out.

you install from add remove programs - windows components.

in the matching criteria I create a security group and add it. I then add users to it for access to vpn authentication.  I find this easier to manage than applying the settings directly to the user as the document suggests
vpn-authentication-with-2003-rad.pdf
0
shareditCommented:
The doc uses old ios as the config example. you might need to be familiar with current IOS to set it up correctly.  I'm sure you've used google before

make sure you use this command in your tunnel group

authentication-server-group (aaa-server group name) LOCAL

this will alow you to use the local database for authentication in the event your ISA server is unavailable to authenticate.  Without the local you will not have vpn access with a down ISA server.  It will not use the local names if there is a server available.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.