(WWW - Nyinaymin.org) ISA Sever 2006 Configuration

0
ISA Server 2006 Configuration
2010
ISA Server 2006

Configuration
www.phoelapyae.com
27/8/2010
ISA Server proxy server

squid proxy ISA Server
Window ISA Server
ISA Server 2006
Window Server 2003 Window Server 2003 edition
edition ISA Server
. Windows Server 2003 Standard Edition (32 bit) with SP1
. Windows Server 2003 Enterprise Edition (32 bit) with SP1
. Windows Server 2003 R2 Standard Edition (32 bit)
. Windows Server 2003 R2 Enterprise Edition (32 bit)
Window Server ISA Server
Window Server 2003
ISA Server ISA Server 2006 mouse configure
:P Window Server 2003 ISA Server 2006
ISA Server
..
http://www.linglom.com/category/security/isa/
http://www.isaserver.org/
..:D
ISA Server 2006 Configure ..
www.phoelapyae.com
Deploying ISA Server 2006 as a Content Caching Server

ISA Server cache server
ISA Server Microsoft Proxy Server
Microsoft Proxy Server ISA acceleration cache server
ISA(Internet Securiy and Acceleration)
..
client-1 web site cache folder client-2
website ISA server cache folder
cache folder web site
bandwidth ISA server cache server cache

www.phoelapyae.com
Cache --> Cache Drivers Define Cache Drives
hardisk partition size C partition

C 1000MB Cache Rule
Cache Content

Cache --> Cache Rule Create a Cache Rule
www.phoelapyae.com
Cache Rule Winzard Next

destination cache external
www.phoelapyae.com
Add Next
www.phoelapyae.com
=> Only if a Valid Version of the Object Exists in the Cache. If No Valid Version Exists, Route the Request to the Server
In this scenario, which is the default option, a requesting client has a cached object returned only if the object exists
in the cache and has not expired.
If there is not a current version, the ISA server routes the request to the web server on the Internet.
=> If Any Version of the Object Exists in the Cache. If None Exists, Route the Request to the Server
For this option, the ISA server returns an object in the cache, even if it has expired. If it does not exist in the cache,
it routes the request to
the web server on the Internet. This option can run the risk of supplying stale data to requesting clients.
=>If Any Version of the Object Exists in the Cache. If None Exists, Drop the Request (Never Route the Request to the
Server)
With this option, clients get web data only from objects that exist in the cache. If an object isnt in the cache, the
request fails. This is a highly restrictive option, but is useful in scenarios where only specific content is meant to be
made available
to web-browsing clients, and that content is made available with Content download jobs.
www.phoelapyae.com
option Next
Next
www.phoelapyae.com
www.phoelapyae.com
Apply ..
menu

cache
www.phoelapyae.com
10

ISA Server 2006 cache create cache rule
Network Creation Firewall Policy internal nework

squid internal network firewall policy allow
Network Topology ISA Network Topology
Network Template small network
Edge Firewall
www.phoelapyae.com
11
Network --> Templates Edge Firewall Network Card 2

internal network
Next
www.phoelapyae.com
12
Next
www.phoelapyae.com
13
Add Adapter internal network Local Area Connection 2

Local Area Connection 2 internal network NIC NIC IP Range
192.168.0.1 Next
www.phoelapyae.com
14
Allow unrestriced access
www.phoelapyae.com
15
Network
Firewall Policy squid proxy allow/deny

Firewall Policy --> Tasks Create Access Rule
allow and deny Allow
www.phoelapyae.com
16
www.phoelapyae.com
17
Selected protocols Add protocol web cache

HTTP and HTTPS
Next
www.phoelapyae.com
18
www.phoelapyae.com
19
Access Rule Source source

Localhost Add
Add Next
www.phoelapyae.com
20
Access Rule Destination External External(internet) resource internal network

www.phoelapyae.com
21
User Next
www.phoelapyae.com
22
ISA Server internal network

client web browser server ip address and
port port 8080 default server ip
192.168.0.1
client client client

Client Configuration
ISA Server run client
configure web browser host and port
ISA client
(1)
Secure NAT client
(2)
Web Proxy client
(3)
Firewall client
client ISA Server support client type client
client type
(1)Secure NAT client

server ip address client ip configuraion default gateway

www.phoelapyae.com
23
' 192.168.137.1 Server IP Address
(2)Web Proxy client

web browser HTTP host and port
address port 8080 mozilla firefox ..
www.phoelapyae.com
24
(3)Firewall client
software Download

http://www.linglom.com/2009/11/25/getting-started-with-microsoft-isa-server-2006-part-9-client-configuration/
www.phoelapyae.com
25
ISA Server 2006 Configuration For Parent Proxy

configuration direct connection
proxy number parent proxy
web chaining rule
host and port

Networks --> Web Chaining --> Tasks --> Create New Web Chaining Rule
www.phoelapyae.com
26
Destination External Add
www.phoelapyae.com
27
proxy host and port Redirect requests to a specified upstream server

host and port username and password

www.phoelapyae.com
28
username and password Use this account Set Account

username and password host and port
Use this account
Next
www.phoelapyae.com
29
upstream server down Ignore
proxy host and port
www.phoelapyae.com
30
How to allow ping from local computer to ISA Server

ISA Server Local computer
ping .. ping
.. ping ?
ISA Server remote desktop .. ping
local computer
ping connect remote desktop
ping ..
Firewall Policy Edit System Policy
Sysmtem Policy Editor ICMP(Ping)
www.phoelapyae.com
31
Default Enable ? .. enable

www.phoelapyae.com
32
From tab Remote Management Computers enable Remote

Management Computers IP Address
Remote Management Computers ping IP Address
Remote Management Computers Edit
www.phoelapyae.com
33
Add --> Computer local computer ip address ping address
Name IP Address ip
www.phoelapyae.com
34
Description ..
internal network computer server ip ping

reply
http://www.elmajdal.net/isaserver/How_to_Allow_Ping_From_Selected_Computers_To_ISA_Server_Machine.aspx
www.phoelapyae.com
35
Remote Desktop to ISA Server 2006 Using Microsoft Management Console (MMC)
Remote Desktop
control
control
configure
monitor keyboard :P ISA Server Remote Desktop

1. Microsoft Management Console (MMC)
2. Terminal Server
3. Web Management
MMC Terminal Server MMC ISA Server manage ISA Server

connect Terminal Server ISA Server connect
Microsoft Management Console (MMC)

Firewall policy --> Edit System Policy
www.phoelapyae.com
36
Remote Management .. MMC , Terminal Server and Web Management
www.phoelapyae.com
37
From tab Remote Management Computers Edit Remote Management

Computers IP
www.phoelapyae.com
38
Add --> Computer
client ip
www.phoelapyae.com
39
..
client remote
client manage client ISA Server 2006

ISA Server 2006
Connect to Local or Remote Server
www.phoelapyae.com
40
Another Computer(remote management) IP Address
www.phoelapyae.com
41
ISA Server IP Address IP Address internal IP

192.168.0.1 Username and Password Window Server 2003
Login user and password ISA Server remote
disconnect
ISA Server remote desktop
http://www.elmajdal.net/isaserver/Administrating_ISA_Server_2006_Remotely_Using_MMC_and_Remote_Desktop_C
onnection.aspx
Remote Desktop to ISA Server 2006 Using Terminal Server

Microsoft Management Console (MMC) remote desktop
Terminal Server remote desktop
Remote Managemnet Computers Edit
www.phoelapyae.com
42
Edit internal network computer ip address
www.phoelapyae.com
43
Terminal Server enable

Start > Administrative Tools > Terminal Services Configuration
www.phoelapyae.com
44
right click RDP-Tcp Properties Network Adapter Internal

NIC
www.phoelapyae.com
45
wireless wireless NIC .. NIC

My Computer right click --> Properties
Enable Remote Desktop on this computer

...
client manage ..
( window 7) Start > All Programs > Accessories > Remote Desktop Connection
www.phoelapyae.com
46
Computer server name(or)ip address Connect

username and password Window Server login password
Login
www.phoelapyae.com
47
http://www.elmajdal.net/isaserver/Administrating_ISA_Server_2006_Remotely_Using_MMC_and_Remote_Desktop_C
onnection.aspx
Bandwidth Control With ISA Server 2006

ISA Server bandwidth control built in feature third party software
bandwidth control
bandwidth control ....
Free Realtime NetFlow Analyzer
Bandwidth Splitter
Internet Administrator
Bandwidth Controller Enterprise
TrafficQuota
Websense Enterprise Bandwidth Optimizer ..
client TrafficQuota
client
limit
bandwidth
..
TrafficQuota
TrafficQuota
http://ifile.it/m4nrk1v
(or)
http://www.mediafire.com/?7j97j3i5f78rhad
(or)
http://dl.dropbox.com/u/9563152/TrafficQuota.rar
www.phoelapyae.com
48
(or)
http://centralupload.com/files/14309_cn7kq/TrafficQuota.rar
ISA Server integrate
TrafficQuota --> Computer New Quota --> Computer create IP

Address
Computer User User
www.phoelapyae.com
49
ip client ip
Bandwidth download and upload Outgoing and incoming

Daily , Weekly, Monthly
www.phoelapyae.com
50

www.myanmarengineer.org www.phoelapyae.com
....
www.phoelapyae.com

(WWW - Nyinaymin.org) ISA Sever 2006 Configuration

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

(WWW - Nyinaymin.org) ISA Sever 2006 Configuration

Uploaded by

Copyright:

Available Formats

0

ISA Server 2006 Configuration

ISA Server 2006

ISA Server 2006 Configuration

ISA Server proxy server

ISA Server 2006 Configuration

Deploying ISA Server 2006 as a Content Caching Server

ISA Server 2006 Configuration

Cache --> Cache Drivers Define Cache Drives

hardisk partition size C partition

ISA Server 2006 Configuration

Cache Rule Winzard Next

ISA Server 2006 Configuration

ISA Server 2006 Configuration

ISA Server 2006 Configuration

ISA Server 2006 Configuration

ISA Server 2006 Configuration

ISA Server 2006 Configuration

Network Creation Firewall Policy internal nework

ISA Server 2006 Configuration

Network --> Templates Edge Firewall Network Card 2

ISA Server 2006 Configuration

ISA Server 2006 Configuration

Add Adapter internal network Local Area Connection 2

ISA Server 2006 Configuration

Allow unrestriced access

ISA Server 2006 Configuration

allow and deny Allow

ISA Server 2006 Configuration

ISA Server 2006 Configuration

Selected protocols Add protocol web cache

ISA Server 2006 Configuration

ISA Server 2006 Configuration

Access Rule Source source

ISA Server 2006 Configuration

Access Rule Destination External External(internet) resource internal network

ISA Server 2006 Configuration

ISA Server 2006 Configuration

ISA Server internal network

Secure NAT client

Web Proxy client

(1)Secure NAT client

ISA Server 2006 Configuration

' 192.168.137.1 Server IP Address

(2)Web Proxy client

ISA Server 2006 Configuration

ISA Server 2006 Configuration

ISA Server 2006 Configuration For Parent Proxy

ISA Server 2006 Configuration

Destination External Add

ISA Server 2006 Configuration

proxy host and port Redirect requests to a specified upstream server

ISA Server 2006 Configuration

username and password Use this account Set Account

ISA Server 2006 Configuration

upstream server down Ignore

proxy host and port

ISA Server 2006 Configuration

How to allow ping from local computer to ISA Server

Sysmtem Policy Editor ICMP(Ping)

ISA Server 2006 Configuration

Default Enable ? .. enable

ISA Server 2006 Configuration