I am attempting to upgrade from ISA2K to ISA2K4 and having no luck.
I want to use ISA Server as a Web Proxy only, using Websense as a filter plugin. My existing infrastructure is Websense on ISA2K. The server has an IP in my LAN subnet and routes all unknown traffic via the FW to Internet. It caches and all works beautifully. I cannot work out how to configure ISA2K4 to do the same thing. ISA2K came with a proxy only configuration, but this feature has disappeared in ISA2K4, and the firewall aspects of ISA seem to keep interfering.
Has anyone else got a configuration like this and if so could they kindly explain how they did it?
I have tried the single network adapter template and failed. I have just had another go following your suggestion and it nearly works, but doesn't quite seem right:
I have Web Proxy clients enabled, but not Firewall clients. I have enabled http on the network rulle on port 80 and using routing not NAT, and all my http traffic does all appear to work. However, I get the problem that I cannot use HTTPS. When I try and set it up I am asked to supply a certificate. Why? I didn't need one previously. If I don't enable it, https traffic doesn't work. The firewall monitoring log shows an allowed connection from my client to the SSL Destination using port 443, but the client displays a "Page cannot be dispalyed" message.
Websense does need to authenticate users to apply policy, but it uses its own AD connector, so ISA does not need to authenticate users. The Websense side of things all works fine.
The alternate option is to put the ISA server in the DMZ, but I am not that keen on AD user authentication from the DMZ. It would however give me the opportunity to use OWA...
I'm in Configuration\Networks\Internal\Web Proxy settings. Clicking SSL.
And then I thought, I wonder what my Configuration\Networks\Local Host\Web Proxy settings are. And they had an http port of 8080, whereas the internal had a port of 80. Changed the Local Host to 80 and it has cured all of my https problems.
Thanks for your help - made me think about where else I could have been stupid.