Move ISA Server 2006 to new Server

Posted on 2009-04-23
Last Modified: 2012-05-06
I currently have ISA server 2006 running on a 5 year old server running Windows 2003 Server SP2 with two network cards. One network card for inside and the other for outside.  I want to move everything just the way it is to a new Server also running Windows 2003 Server SP2 with two NIC's. The ISA Server has rules for inside websites, VPN, Exchange 2007, etc. It also has is a external DNS not part of active directory. (This is not a domain controller)
I am looking for the easiest, smoothest, and safest way to transfer the current system on the old server to the new server. Old server will be removed completely when finished.
End result would be that everything works just as it does now but on the new server.
Question by:wbrandle
    LVL 7

    Accepted Solution

    in the ISA there is the export feature. You can export the configuration an then import it to the new ISA.
    I would suggest you to name the server exaclty as the old one and also configure the same IP addresses.

    Godd Luck


    Author Comment

    Is there anything settings that the export function will not get?
    LVL 7

    Expert Comment

    it is also the backup feature fro ISA that Microsoft suggests.

    Do the following. Export the config. Save it to flash or network share and shut your server.
    Open the new server. Name the server as the old one and configure the same IPs. Import the config and make your tests.
    If everything is fine then you are done!!!

    God Luck

    Author Comment

    OK, I will try it this tonight or this weekend and let you know.  Can't do it while people are on the network.
    LVL 7

    Expert Comment

    good luck!!!
    LVL 6

    Expert Comment

    1-Back up the ISA Server configuration >> by right click on the ISA Server and then choose backup.

    2-Back up also the ISA Rules.

    3-Install the new server and restore both backups

    4- good Luck

    Author Comment

    Unable to do it last weekend due to people working the weekend for a deadline. I plan on doing the change this weekend.  This is my plan;

    Change Hardware plan for ISA Server/DNS Server system

    1.      Copy contents of DNS Info
    2.      Export settings from ISA Server
    3.      Note all IP addresses assigned to both NICs.
    4.      Remove old server domain member from domain
    5.      Turn off old server
    6.      Rename new server to same name as old server
    7.      Modify both NICs to have same IP addresses as old server
    8.      Join Domain as a domain member
    9.      Restore DNS info/settings
    10.      Import old ISA Server settings
    11.      Restart

    If you see any flaw in the proposed plan or have any additional input please let me know.

    Author Comment

    After completing my list (1 - 11) the new ISA server came up but the fire wall service would not start.
    Event ID: 7024
    The Microsoft Firewall service terminated with service-specific error 2148081668 (0x80092004)

    The problem was that the SSL certificates did not transfer with the export of all settings.

    I went to the old server exported all to a flash drive(using MMC Certificates snap-in), moved them to the new server and inported them(using MMC Certificates snap-in).

    Restarted and the ISA server worked fine but the DNS server portion did not work. I guess just copying all the contents of the \dns directory over to the new server did not work.  So I got the old server back on line with a new name. on the new server setup dns as secondary pointing to the old server for each domain name then changed it primary and that seemed to fix that.
    So the export does not get everything such as the certificates assigned to each listener.
    All is working now on the new server. Thanks for all input given!

    If I were to do it all over again knowing what I know now this is how I would have done it.

    1.      Export settings from ISA Server
    2.      Using MMC Certificates snap-in, export all certificates if any.
    3.      Note all IP addresses assigned to both NICs.
    4.      Remove old server domain member from domain
    5.      Rename old server and change IP address so it can stay online without conflicts
    6.      Remove old server name from AD
    7.      Rename new server to same name as old server
    8.      Modify both NICs to have same IP addresses as old server
    9.      Join Domain as a domain member
    10.      Setup DNS as secondary to old server for all domain names and reverse. Then change each to primary.
    11.      Import old ISA Server settings
    12.      Using MMC Certificates snap-in, inport all certificates if any.
    13.      Restart

    So hau_it was on target and got me where I needed to go. Thanks.

    Author Closing Comment

    Thank you not only for your help but such a quick response to my issue. Thanks!

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Free Trending Threat Insights Every Day

    Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

    INTRODUCTION The purpose of this document is to demonstrate the Installation and configuration, of the HP EVA 4400 SAN Storage. The name , IP and the WWN ID’s used here are not the real ones. ABOUT THE STORAGE For most of you reading this, you …
    More or less everybody in the IT market understands the basics of Networking, however when we start talking about Storage Networks, things get a bit dizzier, and this is where I would like to help.
    Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
    Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    22 Experts available now in Live!

    Get 1:1 Help Now