I'm migrating from ISA2000 to ISA2004, and I'm having problems specifying Remote Access Policies in RRAS.
The problem is that ISA creates the "ISA Server Default Policy" with the groups specified in "VPN Clients Properties" and gives this policy the highest priority among the RRAS policies. Even worse, if I try to modify the policy it's reset to the default whenever the server restarts.
My goal is to give more granular VPN access rights (certain groups with certain access hours), but with the default policy auto-reset "feature" I have to delete the default policy all the time...
Thx Frederic for the reply. I agree that I have to switch my brain from "ISA2000 mode", as ISA2004 is sooo changed.
It would be nice to manage everything from within ISA, but here is an example of using RRAS: setting the idle-timeout. I don't see anywhere in ISA where you can specify this, and I *have* to use it on my network (users forget to disconnect from VPN all the time).
Anyways, for now I'll use a dummy empty group with the ISA console, and refine the RRAS properties with Remote Access Policies.
It seems to me a serious limitation, but I'm using ISA2004 for less than a week so I might be wrong...