Isa 2004

ISA Server 2004 Site to Site VPNs: Creating an IPSec Tunnel Mode VPN Connection with ISA Server 2004


·         Install ISA Server 2004 on the local and remote sites

·         Create the remote site at the local ISA Server 2004 firewall

·         Create the routing rule between the local and remote sites

·         Create an Access Rule allowing inbound from remote site to Internal

·         Create the remote site at the remote site location

·         Create the routing rule between the remote site and the local site

·         Create an Access Rule that allows outbound from remote site to local site

·         Add the IP address of the destination IPSec endpoint to the each site’s remote site network to support Web Proxy

·         Test and monitor the connection from a client on the remote site network

Full Article



Implementing ISA 2004 PPTP VPN based Smart Card EAP and RADIUS Authentication without Making the ISA

The ISA firewall can be configured to use strong, two-factor authentication to allow VPN clients access to selected network resources. When two-factor authentication with smart cards and the ISA firewall's stateful packet and application layer inspection engines kick in, you know you've got the best Firewall/VPN device you can get. Idan Plotnik shows you how to make it happen.

Publishing OWA 2003 with ISA Server 2004

Internet Security and Acceleration Server 2004 has made a significant breakthrough in publishing Secured web-sites in general and Outlook Web Accesses specifically. We don't need another exchange server for use as a front-end server if the only job we need it for is protecting our internal exchange server which holds our mailboxes.

Before we begin the publishing process, we need to make sure we already have Form-Based OWA, already working with SSL (See Configuring OWA 2003 with SSL).

1.     In case the ISA server is not part of the domain, the first stage should be installing CA-Root certificate of the Enterprise CA on the trusted root certificates on the ISA server. If the ISA server is a part of the domain (which is not recommended for security reasons), you can skip to the next stage.

Full Article