How to Install and Configure ISA Server 2004 on Domain Controller Windwos Server 2003 R2 Standard Edition

Posted on 2009-02-13
Last Modified: 2012-05-06
Having Internal Domain with single Domain Controller on Windows Server 2003 R2 and some Domain Members (Clients) of Windows XP SP2 and Windows Vista of about 40 systems. We have two Broadband services one is Regular and other is Stand-By, these two connections (Router/MODEM) are directly configured to switch (Unmanaged Switch) and clients can access Internet without any limitations. Now  planning to install ISA Server 2004 on Domain Controller (Windows Server 2003 R2/ IBM SYSTEM X3650), which not having dual Network Cards. So how to install and configure ISA Server 2004 on it with clear details of ISA firewall Access Rules and explain how to Configure department wise client access to Internet.      
Question by:rajhyd
    LVL 6

    Expert Comment

    1- Configure the other Network card with an IP address on the same range of the Broadband Connection, this is known as External Network.

    2- Install ISA 2004 ( SP2 / 2006 SP1 ) , and when the wizard asks you for the Internal network , choose the internal NIC .

    3- In Active Directory , crate a groups based on the department you have in your company,and the users according to it.

    4- For Access Rules , create an access rule for Interet as following : Allow > Protocols:DNS,HTTP,HTTPS .... etc  > From : Internal  > To : External > Users :Create a new user Set ,and specify the group from you Active Directory.

    5- If you face some difficulity regarding authentication , go to Configuration > Add-On > and disable RPC Filter.

    Feel free to ask more.


    Author Comment

    Thanks for ur reply Mr.Hisham , but i cant install one more NIC on that server IBM SYSTEM X3650 because of some other bla blaa reasons. So please tell me if their any possibility to install ISA Server 2004 on it.
    LVL 6

    Accepted Solution

    I see ,

    1-connect the Broadband Connection to your network and assign a static IP address on the same Internal network IP range (e.g. Last IP address on the range  

    2- Open ISA , go to Configuration > networks > Internal network and change the reange to like this (e.g.

    With this trick , you broadband connection is knows as External Network.

    Author Closing Comment

    thanks,problem solved

    Featured Post

    Better Security Awareness With Threat Intelligence

    See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

    Join & Write a Comment

    Suggested Solutions

    Title # Comments Views Activity
    HP SAN CMC upgrade 7 55
    exchange, storage, vmware 19 83
    Windows 2003 new patches 11 49
    File Server backup 7 38
    Forefront Threat Management Gateway 2010 or FTMG comes with some very neat troubleshooting tools built-in when trying to identify what is actually happening behind the scenes within the product when traffic is passing through its interfaces. To the …
    A quick step-by-step overview of installing and configuring Carbonite Server Backup.
    To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
    Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

    746 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    14 Experts available now in Live!

    Get 1:1 Help Now