ISA Sever 2006 Configuration

5/24/2018 ISA Sever 2006 Configuration

1/51

0 ISA Server 2006 Configuration

www.phoelapyae.com

ISA Server 2006Configuration

2010

27/8/2010


2/51


www.phoelapyae.com

ISA Server proxy server

squid proxy ISA Server

Window ISA Server

ISA Server 2006

Window Server 2003 Window Server 2003edition

edition ISA Server

. Windows Server 2003 Standard Edition (32 bit) with SP1

. Windows Server 2003 Enterprise Edition (32 bit) with SP1

. Windows Server 2003 R2 Standard Edition (32 bit)

. Windows Server 2003 R2 Enterprise Edition (32 bit)

Window Server ISA Server

Window Server 2003

ISA Server ISA Server 2006mouse configure

:P Window Server 2003 ISA Server 2006

ISA Server

..

http://www.linglom.com/category/security/isa/

http://www.isaserver.org/

..:D

ISA Server 2006 Configure ..
http://en.wikipedia.org/wiki/ISA_serverhttp://phoelapyae.com/index.php?option=com_content&view=category&id=41&Itemid=109http://phoelapyae.com/index.php?option=com_content&view=category&id=41&Itemid=109http://phoelapyae.com/index.php?option=com_content&view=category&id=41&Itemid=109http://www.linglom.com/category/security/isa/http://www.linglom.com/category/security/isa/http://www.isaserver.org/http://www.isaserver.org/http://www.isaserver.org/http://www.linglom.com/category/security/isa/http://phoelapyae.com/index.php?option=com_content&view=category&id=41&Itemid=109http://en.wikipedia.org/wiki/ISA_server


3/51


www.phoelapyae.com

Deploying ISA Server 2006 as a Content Caching Server ISA Servercache server

ISA Server Microsoft Proxy Server

Microsoft Proxy Server ISA acceleration cache server

ISA(Internet Securiy and Acceleration)

..

client-1 web site cache folder client-2

website ISA server cache folder

cache folder web site

bandwidth ISA servercache server cache
http://phoelapyae.com/index.php?option=com_content&view=article&id=178:microsoft-forefront-threat-management-gateway-forefront-tmg&catid=39:networking&Itemid=92http://phoelapyae.com/index.php?option=com_content&view=article&id=178:microsoft-forefront-threat-management-gateway-forefront-tmg&catid=39:networking&Itemid=92http://phoelapyae.com/index.php?option=com_content&view=article&id=178:microsoft-forefront-threat-management-gateway-forefront-tmg&catid=39:networking&Itemid=92http://phoelapyae.com/index.php?option=com_content&view=article&id=178:microsoft-forefront-threat-management-gateway-forefront-tmg&catid=39:networking&Itemid=92http://phoelapyae.com/index.php?option=com_content&view=article&id=178:microsoft-forefront-threat-management-gateway-forefront-tmg&catid=39:networking&Itemid=92http://phoelapyae.com/index.php?option=com_content&view=article&id=178:microsoft-forefront-threat-management-gateway-forefront-tmg&catid=39:networking&Itemid=92


4/51


www.phoelapyae.com

Cache --> Cache Drivers Define Cache Drives

hardisk partition size C partition

C 1000MB Cache Rule

Cache Content

Cache --> Cache Rule Create a Cache Rule


5/51


www.phoelapyae.com

Cache Rule Winzard Next

destinationcache external


6/51


www.phoelapyae.com

Add Next


7/51


www.phoelapyae.com

=>Only if a Valid Version of the Object Exists in the Cache. If No Valid Version Exists, Route the Request to the Server In this scenario, which is the default option, a requesting client has a cached object returned only if the object exists

in the cache and has not expired.

If there is not a current version, the ISA server routes the request to the web server on the Internet.

=> If Any Version of the Object Exists in the Cache. If None Exists, Route the Request to the Server For this option, the ISA server returns an object in the cache, even if it has expired. If it does not exist in the cache,

it routes the request to

the web server on the Internet. This option can run the risk of supplying stale data to requesting clients.

=>If Any Version of the Object Exists in the Cache. If None Exists, Drop the Request Never Route the Request to theServer)With this option, clients get web data only from objects that exist in the cache. If an object isnt in the cache, the

request fails. This is a highly restrictive option, but is useful in scenarios where only specific content is meant to be

made available

to web-browsing clients, and that content is made available with Content download jobs.


8/51


www.phoelapyae.com

option Next

Next


9/51


www.phoelapyae.com


10/51


www.phoelapyae.com

Apply ..

menu

cache


11/51


www.phoelapyae.com

ISA Server 2006 cache create cache rule

Network Creation Firewall Policy internal nework

squid internal network firewall policy allow

Network Topology ISA Network Topology

Network Template small network

Edge Firewall


12/51


www.phoelapyae.com

Network --> Templates Edge Firewall Network Card 2

internal network

Next


13/51


www.phoelapyae.com

Next


14/51


www.phoelapyae.com

Add Adapter internal network Local Area Connection 2

Local Area Connection 2 internal network NIC NIC IP Range

192.168.0.1 Next


15/51


www.phoelapyae.com

Allow unrestriced access


16/51


www.phoelapyae.com

Network

Firewall Policy squid proxy allow/deny

Firewall Policy --> Tasks Create Access Rule

allow and deny

Allow


17/51


www.phoelapyae.com


18/51


www.phoelapyae.com

Selected protocolsAdd protocol web cache

HTTP and HTTPS

Next


19/51


www.phoelapyae.com


20/51


www.phoelapyae.com

Access Rule Sourcesource

LocalhostAdd

Add Next


21/51


www.phoelapyae.com

Access Rule DestinationExternal External(internet) resource internal network


22/51


www.phoelapyae.com

User Next


23/51


www.phoelapyae.com

ISA Server internal network

client web browser server ip address and

port port8080 default server ip

192.168.0.1

client client client

Client Configuration ISA Server run client

configure web browser host and port

ISAclient

(1) Secure NAT client

(2) Web Proxy client

(3) Firewall client

client ISA Serversupport client type client

client type

1)Secure NAT client server ip addressclient ip configuraion default gateway


24/51


www.phoelapyae.com

' 192.168.137.1 Server IP Address

2)Web Proxy client web browser HTTP host and port

address port 8080 mozilla firefox ..


25/51


www.phoelapyae.com

3)Firewall clientsoftware Download

http://www.linglom.com/2009/11/25/getting-started-with-microsoft-isa-server-2006-part-9-client-configuration/
http://www.microsoft.com/downloads/details.aspx?FamilyID=05C2C932-B15A-4990-B525-66380743DA89&displaylang=enhttp://www.microsoft.com/downloads/details.aspx?FamilyID=05C2C932-B15A-4990-B525-66380743DA89&displaylang=enhttp://www.microsoft.com/downloads/details.aspx?FamilyID=05C2C932-B15A-4990-B525-66380743DA89&displaylang=enhttp://www.linglom.com/2009/11/25/getting-started-with-microsoft-isa-server-2006-part-9-client-configuration/http://www.linglom.com/2009/11/25/getting-started-with-microsoft-isa-server-2006-part-9-client-configuration/http://www.linglom.com/2009/11/25/getting-started-with-microsoft-isa-server-2006-part-9-client-configuration/http://www.microsoft.com/downloads/details.aspx?FamilyID=05C2C932-B15A-4990-B525-66380743DA89&displaylang=en


26/51


www.phoelapyae.com

ISA Server 2006 Configuration For Parent Proxy

configuration direct connection

proxy number parent proxy

web chaining rule

host and port

Networks --> Web Chaining --> Tasks --> Create New Web Chaining Rule


27/51


www.phoelapyae.com

DestinationExternal Add


28/51


www.phoelapyae.com

proxy host and portRedirect requests to a specified upstream server

host and port username and password


29/51


www.phoelapyae.com

username and passwordUse this account Set Account

username and password host and port

Use this account

Next


30/51


www.phoelapyae.com

upstream server down Ignore

proxy host and port


31/51


www.phoelapyae.com

How to allow ping from local computer to ISA ServerISA Server Local computer

ping .. ping

.. ping ?

ISA Serverremote desktop .. ping

local computer

pingconnect remote desktop

ping ..

Firewall Policy Edit System Policy

Sysmtem Policy Editor ICMP(Ping)


32/51


www.phoelapyae.com

Default Enable ?.. enable


33/51


www.phoelapyae.com

From tab Remote Management Computers enable Remote

Management Computers IP Address

Remote Management Computersping IP Address

Remote Management Computers Edit


34/51


www.phoelapyae.com

Add --> Computer local computer ip address ping address

Name IP Address ip


35/51


www.phoelapyae.com

Description..

internal network computer server ipping

reply

http://www.elmajdal.net/isaserver/How_to_Allow_Ping_From_Selected_Computers_To_ISA_Server_Machine.aspx
http://www.elmajdal.net/isaserver/How_to_Allow_Ping_From_Selected_Computers_To_ISA_Server_Machine.aspxhttp://www.elmajdal.net/isaserver/How_to_Allow_Ping_From_Selected_Computers_To_ISA_Server_Machine.aspxhttp://www.elmajdal.net/isaserver/How_to_Allow_Ping_From_Selected_Computers_To_ISA_Server_Machine.aspx


36/51


www.phoelapyae.com

Remote Desktop to ISA Server 2006 Using Microsoft Management Console MMC)

Remote Desktop

control

control

configure

monitor keyboard :P ISA ServerRemote Desktop

1. Microsoft Management Console (MMC)

2. Terminal Server

3. Web Management

MMC Terminal Server MMCISA Server manage ISA Server

connect Terminal ServerISA Server connect

Microsoft Management Console (MMC)

Firewall policy --> Edit System Policy
http://technet.microsoft.com/en-us/library/bb794770.aspxhttp://technet.microsoft.com/en-us/library/bb794770.aspxhttp://technet.microsoft.com/en-us/library/bb794770.aspxhttp://technet.microsoft.com/en-us/library/bb794770.aspxhttp://technet.microsoft.com/en-us/library/bb794770.aspxhttp://technet.microsoft.com/en-us/library/bb794770.aspxhttp://technet.microsoft.com/en-us/library/bb794770.aspx


37/51


www.phoelapyae.com

Remote Management .. MMC , Terminal Server and Web Management


38/51


www.phoelapyae.com

From tab Remote Management ComputersEdit Remote Management

Computers IP


39/51


www.phoelapyae.com

Add --> Computer

clientip


40/51


www.phoelapyae.com

..

client remote

client manageclient ISA Server 2006

ISA Server 2006

Connect to Local or Remote Server


41/51


www.phoelapyae.com

Another Computer(remote management) IP Address


42/51


www.phoelapyae.com

ISA Server IP Address IP Address internal IP

192.168.0.1 Username and PasswordWindow Server 2003

Login user and password ISA Serverremote

disconnect

ISA Serverremote desktop

http://www.elmajdal.net/isaserver/Administrating_ISA_Server_2006_Remotely_Using_MMC_and_Remote_Desktop_C

onnection.aspx

Remote Desktop to ISA Server 2006 Using Terminal Server

Microsoft Management Console (MMC) remote desktop

Terminal Server remote desktop

Remote Managemnet Computers Edit
http://www.elmajdal.net/isaserver/Administrating_ISA_Server_2006_Remotely_Using_MMC_and_Remote_Desktop_Connection.aspxhttp://www.elmajdal.net/isaserver/Administrating_ISA_Server_2006_Remotely_Using_MMC_and_Remote_Desktop_Connection.aspxhttp://www.elmajdal.net/isaserver/Administrating_ISA_Server_2006_Remotely_Using_MMC_and_Remote_Desktop_Connection.aspxhttp://www.elmajdal.net/isaserver/Administrating_ISA_Server_2006_Remotely_Using_MMC_and_Remote_Desktop_Connection.aspxhttp://www.elmajdal.net/isaserver/Administrating_ISA_Server_2006_Remotely_Using_MMC_and_Remote_Desktop_Connection.aspx


43/51


www.phoelapyae.com

Edit internal network computer ip address


44/51


www.phoelapyae.com

Terminal Server enable

Start > Administrative Tools > Terminal Services Configuration


45/51


www.phoelapyae.com

right click RDP-Tcp Properties Network Adapter Internal

NIC


46/51


www.phoelapyae.com

wireless wireless NIC .. NIC

My Computer right click --> Properties

Enable Remote Desktop on this computer

...

client manage ..

(window 7) Start > All Programs > Accessories > Remote Desktop Connection


47/51


www.phoelapyae.com

Computer server name(or)ip address Connect

username and password Window Server login password

Login


48/51


www.phoelapyae.com

http://www.elmajdal.net/isaserver/Administrating_ISA_Server_2006_Remotely_Using_MMC_and_Remote_Desktop_C

onnection.aspx

Bandwidth Control With ISA Server 2006

ISA Server bandwidth control built in feature third party software

bandwidth control

bandwidth control ....

Free Realtime NetFlow Analyzer

Bandwidth Splitter

Internet Administrator

Bandwidth Controller Enterprise

TrafficQuota

Websense Enterprise Bandwidth Optimizer..

client TrafficQuota

client

limit

bandwidth

..

TrafficQuota

TrafficQuota

http://ifile.it/m4nrk1v

(or)

http://www.mediafire.com/?7j97j3i5f78rhad

(or)

http://dl.dropbox.com/u/9563152/TrafficQuota.rar
http://www.elmajdal.net/isaserver/Administrating_ISA_Server_2006_Remotely_Using_MMC_and_Remote_Desktop_Connection.aspxhttp://www.elmajdal.net/isaserver/Administrating_ISA_Server_2006_Remotely_Using_MMC_and_Remote_Desktop_Connection.aspxhttp://www.elmajdal.net/isaserver/Administrating_ISA_Server_2006_Remotely_Using_MMC_and_Remote_Desktop_Connection.aspxhttp://www.isaserver.org/software/ISA/Bandwidth-Control/http://www.isaserver.org/software/ISA/Bandwidth-Control/http://www.isaserver.org/software/ISA/Bandwidth-Control/http://www.isaserver.org/software/ISA/Bandwidth-Control/http://www.isaserver.org/software/ISA/Bandwidth-Control/http://www.isaserver.org/software/ISA/Bandwidth-Control/http://www.isaserver.org/software/ISA/Bandwidth-Control/http://www.solarwinds.com/register/registration.aspx?program=852&c=70150000000ExjD&CMP=BIZ-TAD-TG-X-NA-DL-Q210http://www.bsplitter.com/http://www.iadmin.biz/product/isaserver.htmlhttp://bandwidthcontroller.com/enterprise.htmlhttp://www.digirain.com/en/trafficquota-overview.htmlhttp://www.websense.com/content/WebFilter.aspxhttp://www.websense.com/content/WebFilter.aspxhttp://www.digirain.com/en/trafficquota-overview.htmlhttp://www.digirain.com/en/trafficquota-overview.htmlhttp://www.digirain.com/en/trafficquota-overview.htmlhttp://www.digirain.com/en/trafficquota-overview.htmlhttp://www.digirain.com/en/trafficquota-overview.htmlhttp://www.digirain.com/en/trafficquota-overview.htmlhttp://www.digirain.com/en/trafficquota-overview.htmlhttp://www.digirain.com/en/trafficquota-overview.htmlhttp://www.digirain.com/en/trafficquota-overview.htmlhttp://ifile.it/m4nrk1vhttp://ifile.it/m4nrk1vhttp://www.mediafire.com/?7j97j3i5f78rhadhttp://www.mediafire.com/?7j97j3i5f78rhadhttp://dl.dropbox.com/u/9563152/TrafficQuota.rarhttp://dl.dropbox.com/u/9563152/TrafficQuota.rarhttp://dl.dropbox.com/u/9563152/TrafficQuota.rarhttp://www.mediafire.com/?7j97j3i5f78rhadhttp://ifile.it/m4nrk1vhttp://www.digirain.com/en/trafficquota-overview.htmlhttp://www.digirain.com/en/trafficquota-overview.htmlhttp://www.digirain.com/en/trafficquota-overview.htmlhttp://www.websense.com/content/WebFilter.aspxhttp://www.digirain.com/en/trafficquota-overview.htmlhttp://bandwidthcontroller.com/enterprise.htmlhttp://www.iadmin.biz/product/isaserver.htmlhttp://www.bsplitter.com/http://www.solarwinds.com/register/registration.aspx?program=852&c=70150000000ExjD&CMP=BIZ-TAD-TG-X-NA-DL-Q210http://www.isaserver.org/software/ISA/Bandwidth-Control/http://www.elmajdal.net/isaserver/Administrating_ISA_Server_2006_Remotely_Using_MMC_and_Remote_Desktop_Connection.aspxhttp://www.elmajdal.net/isaserver/Administrating_ISA_Server_2006_Remotely_Using_MMC_and_Remote_Desktop_Connection.aspx


49/51


www.phoelapyae.com

(or)

http://centralupload.com/files/14309_cn7kq/TrafficQuota.rar

ISA Server integrate

TrafficQuota --> Computer New Quota --> Computer create IP

Address

Computer User User
http://centralupload.com/files/14309_cn7kq/TrafficQuota.rarhttp://centralupload.com/files/14309_cn7kq/TrafficQuota.rarhttp://centralupload.com/files/14309_cn7kq/TrafficQuota.rar


50/51


www.phoelapyae.com

ipclientip

Bandwidth download and upload Outgoing and incoming

Daily , Weekly, Monthly


51/51


www.phoelapyae.com

www.myanmarengineer.org www.phoelapyae.com

....
http://www.myanmarengineer.org/http://www.myanmarengineer.org/http://www.myanmarengineer.org/http://www.phoelapyae.com/http://www.phoelapyae.com/http://www.phoelapyae.com/http://www.phoelapyae.com/http://www.myanmarengineer.org/

Date post:	14-Oct-2015
Category:	Documents
Upload:	frank-carbajal
View:	17 times
Download:	0 times

ISA Sever 2006 Configuration

Documents