Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Move ISA Server 2006 to new Server

Posted on 2009-04-23
9
Medium Priority
?
1,350 Views
Last Modified: 2012-05-06
I currently have ISA server 2006 running on a 5 year old server running Windows 2003 Server SP2 with two network cards. One network card for inside and the other for outside.  I want to move everything just the way it is to a new Server also running Windows 2003 Server SP2 with two NIC's. The ISA Server has rules for inside websites, VPN, Exchange 2007, etc. It also has is a external DNS not part of active directory. (This is not a domain controller)
I am looking for the easiest, smoothest, and safest way to transfer the current system on the old server to the new server. Old server will be removed completely when finished.
End result would be that everything works just as it does now but on the new server.
   
0
Comment
Question by:wbrandle
  • 5
  • 3
9 Comments
 
LVL 7

Accepted Solution

by:
hau_it earned 2000 total points
ID: 24218446
in the ISA there is the export feature. You can export the configuration an then import it to the new ISA.
I would suggest you to name the server exaclty as the old one and also configure the same IP addresses.

Godd Luck

Dimitris
0
 

Author Comment

by:wbrandle
ID: 24218474
Is there anything settings that the export function will not get?
0
 
LVL 7

Expert Comment

by:hau_it
ID: 24218615
no.
it is also the backup feature fro ISA that Microsoft suggests.

Do the following. Export the config. Save it to flash or network share and shut your server.
Open the new server. Name the server as the old one and configure the same IPs. Import the config and make your tests.
If everything is fine then you are done!!!

God Luck
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 

Author Comment

by:wbrandle
ID: 24218775
OK, I will try it this tonight or this weekend and let you know.  Can't do it while people are on the network.
0
 
LVL 7

Expert Comment

by:hau_it
ID: 24218869
sure.
good luck!!!
0
 
LVL 6

Expert Comment

by:Hisham_Elkouha
ID: 24246102
1-Back up the ISA Server configuration >> by right click on the ISA Server and then choose backup.

2-Back up also the ISA Rules.

3-Install the new server and restore both backups

4- good Luck
0
 

Author Comment

by:wbrandle
ID: 24263315
Unable to do it last weekend due to people working the weekend for a deadline. I plan on doing the change this weekend.  This is my plan;

Change Hardware plan for ISA Server/DNS Server system

1.      Copy contents of DNS Info
2.      Export settings from ISA Server
3.      Note all IP addresses assigned to both NICs.
4.      Remove old server domain member from domain
5.      Turn off old server
6.      Rename new server to same name as old server
7.      Modify both NICs to have same IP addresses as old server
8.      Join Domain as a domain member
9.      Restore DNS info/settings
10.      Import old ISA Server settings
11.      Restart

If you see any flaw in the proposed plan or have any additional input please let me know.
0
 

Author Comment

by:wbrandle
ID: 24288028
After completing my list (1 - 11) the new ISA server came up but the fire wall service would not start.
Event ID: 7024
The Microsoft Firewall service terminated with service-specific error 2148081668 (0x80092004)

The problem was that the SSL certificates did not transfer with the export of all settings.

I went to the old server exported all to a flash drive(using MMC Certificates snap-in), moved them to the new server and inported them(using MMC Certificates snap-in).

Restarted and the ISA server worked fine but the DNS server portion did not work. I guess just copying all the contents of the \dns directory over to the new server did not work.  So I got the old server back on line with a new name. on the new server setup dns as secondary pointing to the old server for each domain name then changed it primary and that seemed to fix that.
So the export does not get everything such as the certificates assigned to each listener.
All is working now on the new server. Thanks for all input given!

If I were to do it all over again knowing what I know now this is how I would have done it.

1.      Export settings from ISA Server
2.      Using MMC Certificates snap-in, export all certificates if any.
3.      Note all IP addresses assigned to both NICs.
4.      Remove old server domain member from domain
5.      Rename old server and change IP address so it can stay online without conflicts
6.      Remove old server name from AD
7.      Rename new server to same name as old server
8.      Modify both NICs to have same IP addresses as old server
9.      Join Domain as a domain member
10.      Setup DNS as secondary to old server for all domain names and reverse. Then change each to primary.
11.      Import old ISA Server settings
12.      Using MMC Certificates snap-in, inport all certificates if any.
13.      Restart

So hau_it was on target and got me where I needed to go. Thanks.
 
0
 

Author Closing Comment

by:wbrandle
ID: 31573936
Thank you not only for your help but such a quick response to my issue. Thanks!
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…

581 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question