• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2012
  • Last Modified:

ISA 2006 to TMG 2010 Migration

I have 2 ISA 2006 servers that are Windows NLB.  I am going to decomm each server and replace them with 2 new virtual servers with TMG 2010.

I need to do the migration with as little downtime as possible, therfore :

1. Would it be posible to decomm one ISA and replace it with a TMG server while the other ISA box is still in production ?

2. Can a TMG and ISA box work side by side ? Or would I have to decomm both ISA boxes and then power-up the two TMG boxes ?

If anyone has any experience on ISA to TMG migrations into a production environment with little downtime, I'll br glad to hear from oyui.

  • 2
1 Solution
Suliman Abu KharroubIT Consultant Commented:
Decommission the  first array member and keep and keep the second ...

Install TMG server in that server and make it an array member (new array with new IPs).

test it and make sure it works very well.

change DHCP options to distribute a new gateway instead of the old array (NLB) IP to clients.

keep both server running: TMG and ISA, just to make sure that everything works fine, if any problem, you have the ISA server, you can return back to it.

finally demote the ISA server and install TMG on it then add it to the new TMG array.
CaussyRAuthor Commented:
Thanks for your reply.

My intentions are as follows :

1. Build TMG as a VM server

2. Export firewall rules from ISA

3. Import firewall rules into TMG

4. Turn off ISA server and take the IP addresses from ISA to the TMG server. This would prevent  new firewall rules be implemented on the external facing firewall.

Also, do I export the ISA configuration from the top Array site, we only have 1 array, or should it just be the rules. I have a feeling its the latter.
Suliman Abu KharroubIT Consultant Commented:
Thanks for the points and glad it worked out.

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now