• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1355
  • Last Modified:

Move ISA Server 2006 to new Server

I currently have ISA server 2006 running on a 5 year old server running Windows 2003 Server SP2 with two network cards. One network card for inside and the other for outside.  I want to move everything just the way it is to a new Server also running Windows 2003 Server SP2 with two NIC's. The ISA Server has rules for inside websites, VPN, Exchange 2007, etc. It also has is a external DNS not part of active directory. (This is not a domain controller)
I am looking for the easiest, smoothest, and safest way to transfer the current system on the old server to the new server. Old server will be removed completely when finished.
End result would be that everything works just as it does now but on the new server.
  • 5
  • 3
1 Solution
in the ISA there is the export feature. You can export the configuration an then import it to the new ISA.
I would suggest you to name the server exaclty as the old one and also configure the same IP addresses.

Godd Luck

wbrandleInformation Technology ManagerAuthor Commented:
Is there anything settings that the export function will not get?
it is also the backup feature fro ISA that Microsoft suggests.

Do the following. Export the config. Save it to flash or network share and shut your server.
Open the new server. Name the server as the old one and configure the same IPs. Import the config and make your tests.
If everything is fine then you are done!!!

God Luck
Network Scalability - Handle Complex Environments

Monitor your entire network from a single platform. Free 30 Day Trial Now!

wbrandleInformation Technology ManagerAuthor Commented:
OK, I will try it this tonight or this weekend and let you know.  Can't do it while people are on the network.
good luck!!!
1-Back up the ISA Server configuration >> by right click on the ISA Server and then choose backup.

2-Back up also the ISA Rules.

3-Install the new server and restore both backups

4- good Luck
wbrandleInformation Technology ManagerAuthor Commented:
Unable to do it last weekend due to people working the weekend for a deadline. I plan on doing the change this weekend.  This is my plan;

Change Hardware plan for ISA Server/DNS Server system

1.      Copy contents of DNS Info
2.      Export settings from ISA Server
3.      Note all IP addresses assigned to both NICs.
4.      Remove old server domain member from domain
5.      Turn off old server
6.      Rename new server to same name as old server
7.      Modify both NICs to have same IP addresses as old server
8.      Join Domain as a domain member
9.      Restore DNS info/settings
10.      Import old ISA Server settings
11.      Restart

If you see any flaw in the proposed plan or have any additional input please let me know.
wbrandleInformation Technology ManagerAuthor Commented:
After completing my list (1 - 11) the new ISA server came up but the fire wall service would not start.
Event ID: 7024
The Microsoft Firewall service terminated with service-specific error 2148081668 (0x80092004)

The problem was that the SSL certificates did not transfer with the export of all settings.

I went to the old server exported all to a flash drive(using MMC Certificates snap-in), moved them to the new server and inported them(using MMC Certificates snap-in).

Restarted and the ISA server worked fine but the DNS server portion did not work. I guess just copying all the contents of the \dns directory over to the new server did not work.  So I got the old server back on line with a new name. on the new server setup dns as secondary pointing to the old server for each domain name then changed it primary and that seemed to fix that.
So the export does not get everything such as the certificates assigned to each listener.
All is working now on the new server. Thanks for all input given!

If I were to do it all over again knowing what I know now this is how I would have done it.

1.      Export settings from ISA Server
2.      Using MMC Certificates snap-in, export all certificates if any.
3.      Note all IP addresses assigned to both NICs.
4.      Remove old server domain member from domain
5.      Rename old server and change IP address so it can stay online without conflicts
6.      Remove old server name from AD
7.      Rename new server to same name as old server
8.      Modify both NICs to have same IP addresses as old server
9.      Join Domain as a domain member
10.      Setup DNS as secondary to old server for all domain names and reverse. Then change each to primary.
11.      Import old ISA Server settings
12.      Using MMC Certificates snap-in, inport all certificates if any.
13.      Restart

So hau_it was on target and got me where I needed to go. Thanks.
wbrandleInformation Technology ManagerAuthor Commented:
Thank you not only for your help but such a quick response to my issue. Thanks!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Microsoft Office 2010

This course will introduce you to the interfaces and features of Microsoft Office 2010 Word, Excel, PowerPoint, Outlook, and Access. You will learn about the features that are shared between all products in the Office suite, as well as the new features that are product specific.

  • 5
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now