Upload
aliasgar-s-bootwala
View
77
Download
2
Embed Size (px)
Citation preview
ISA 2006
Installation and Configuration Document
Prepared for
Friday, 19 Oct 2007
Version 1.0
Prepared by
Vinod Dadhe
Contributors
Aslam
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
2
Revision
Change Record
Date Author Version Change reference
24th Oct 2007 Vinod Dadhe 1.0 Initial Draft Document
Reviewers
Name Version approved Position Date
1.0 Project Manager / Lead
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
3
Table of Contents
1 Executive Summary ............................................................................................................................. 4
2 Installation of Forward Proxy ISA 2006. ............................................................................................ 5
2.1 Set the rule to allow Internet Access on Forward Proxy ISA 2006. ................................................ 9
3 Installation of Reverse Proxy ISA 2006. .......................................................................................... 13
3.1 Publish Exchange 2007 with ISA Server 2006 ............................................................................. 22
3.2 Publish Secured Outlook Web Access (OWA) ............................................................................. 22
3.3 Publish Outlook Anywhere (RPC over http) ................................................................................. 33
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
4
1 EXECUTIVE SUMMARY
This document describes about the MS ISA 2006 server deployment at HIRCO. In this
document, we have detailed the procedures followed for installing and configuring MS ISA
2006 server at HIRCO.
This document outlines the following sections:
• Installation of Forward Proxy ISA 2006.
• Set the rule to allow Internet Access on Forward Proxy ISA 2006.
• Installation of Reverse Proxy ISA 2006.
• Publishing of OWA and RPC over https.
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
5
2 INSTALLATION OF FORWARD PROXY ISA 2006.
Perform the following steps to install ISA Server 2006 Enterprise Edition:
1. Insert the ISA 2006 Enterprise version CD in the CD-ROM drive & Double click on
isaautorun.exe. Click Run on following window.
2. Click on Yes to proceed.
3. In the Microsoft ISA Server 2006 Enterprise installation dialog box, click the Install ISA
Server 2006 link.
4. Click next on the Welcome to the Installation Wizard for Microsoft ISA Server 2006
page.
5. On the License Agreement page, select the I accept the terms in the license agreement
option and click Next.
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
2
6. On the Customer Information page, enter your User Name, Organization and Product
Serial Number and click Next.
7. On the Setup Scenarios page, select the Install both ISA Server services and
Configuration Storage server option. Click Next to Proceed.
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
3
8. On the Component Selection page, accept the default settings. Click Next to Proceed.
9. On the Enterprise Installation Options page, select the Create a new ISA Server
enterprise option. Click Next to proceed.
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
4
10. Click Next on the New Enterprise Warning page.
11. On the Internal Network page, click the Add button.
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
5
12. In the Addresses dialog box, click the Add Adapter button. In the Select Network
Adapters dialog box, put a checkmark in the checkbox next to the internal interface
installed on the computer. Click Ok.
13. In the Addresses dialog box, click OK. Generally ISA firewall setup with multiple
interfaces, these addresses would define the default Internal ISA firewall Network.
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
6
14. Click Next on the Internal Network page.
15. Click Next to Proceed.
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
7
16. Click Next to proceed.
17. Click Install to finish the installation.
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
8
18. Click on Finish to complete the setup.
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
9
2.1 Set the rule to allow Internet Access on Forward Proxy ISA
2006.
Start the Microsoft Internet Security and Acceleration Server 2006 Console. Expand Arrays &
Select Firewall Policy, right click & point to New & select Access Rule as shown below
Type the Name of the Rule & Click Next.
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
10
Select Allow & Click next.
Click Add & add HTTP & HTTPS protocols as shown below. Click Next
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
11
Click Add & select Internal Network. Click Next.
Click Add & add External Network. Click Next.
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
12
Click Add & select All users/All Authenticated users & click Next.
Review the Summary & Click Finish.
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
13
3 INSTALLATION OF REVERSE PROXY ISA 2006.
Perform the following steps to install ISA Server 2006 Enterprise Edition:
1. Insert the ISA 2006 Enterprise version CD in the CD-ROM drive & Double click on
isaautorun.exe. Click Run on following window.
2. Click on Yes to proceed.
3. In the Microsoft ISA Server 2006 Enterprise installation dialog box, click the Install ISA
Server 2006 link.
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
14
4. Click next on the Welcome to the Installation Wizard for Microsoft ISA Server 2006
page.
5. On the License Agreement page, select the I accept the terms in the license agreement
option and click Next.
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
15
6. On the Customer Information page, enter your User Name, Organization and Product
Serial Number and click Next.
7. On the Setup Scenarios page, select the Install both ISA Server services and
Configuration Storage server option. Click Next to Proceed.
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
16
8. On the Component Selection page, accept the default settings. Click Next to Proceed.
9. On the Enterprise Installation Options page, select the Create a new ISA Server
enterprise option. Click Next to proceed.
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
17
10. Click Next on the New Enterprise Warning page.
11. On the Internal Network page, click the Add button.
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
18
12. In the Addresses dialog box, click the Add Adapter button. In the Select Network
Adapters dialog box, put a checkmark in the checkbox next to the internal interface
installed on the computer. Click Ok.
13. In the Addresses dialog box, click OK. Generally ISA firewall setup with multiple
interfaces, these addresses would define the default Internal ISA firewall Network.
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
19
14. Click Next on the Internal Network page.
15. Click Next to Proceed.
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
20
16. Click Next to proceed.
17. Click Install to finish the installation.
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
21
18. Click on Finish to complete the setup.
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
22
3.1 Publish Exchange 2007 with ISA Server 2006
ISA Server 2006 is RTM since 31st July 2006 and has many new and improved features for
webserver and Server Publishing rules. One of the enhancements is the Exchange Webclient
Access Publishing rule. With ISA Server 2006 it is possible to publish version specific
Exchange Servers (including Exchange Server 2007). There are several other enhancements
like the option to change user passwords during Outlook Web Access logon. Administrators can
now customize the HTML forms for the forms based authentication and ISA supports some new
authentication types like RADIUS-OTP and LDAP. It is also possible to do some delegation of
authorization.
3.2 Publish Secured Outlook Web Access (OWA)
To Configure ISA Server 2006 for Outlook Web Access involves the following steps:
1. Start the ISA Admin Console & create the Exchange web client publishing rule as shown in
following figure.
2. Following Wizard will start. Type the Rule name as shown below & click Next to proceed.
3. Select Exchange Server 2007 & Outlook Web Access as shown below.
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
23
4. Select Publish a Single Web site or load balancer & click Next to continue.
5. Select the option as shown below & click next to proceed.
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
24
6. Type the Internal site name as extranet.hircodomain.com & type the IP address of CAS
servers as shown below & click next to continue.
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
25
7. Select the option specified below & type the extranet.hirco.com as public name
8. Now configure the web listener. Click New in the following dialog box.
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
26
9. In the following new web listener wizard, type the listener name & click next to continue
10. Select Require SSL secured connections with client option & click next to continue
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
27
11. Select the external interface as shown below & click next.
12. Select the option as specified below & click Select Certificate.
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
28
13. Select the available certificate as shown below & click select.
14. Then click next to following window to continue
15. Select the HTML Form Authentication as shown below & click next to proceed
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
29
16. Click Next to proceed
17. Click Finish to complete the Listener wizard.
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
30
18. Now continue to new exchange publishing rule wizard & select the Listener just created as
shown below & then click next to proceed.
19. Select the Basic Authentication & click next to proceed.
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
31
20. Select All Authenticated Users & click on Remove. Then Click on Add
21. Select All Users & click on Add
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
32
22. Click on Next to proceed.
23. Click OK to following warning message.
24. Click Finish to complete the wizard.
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
33
3.3 Publish Outlook Anywhere (RPC over http)
To Configure ISA Server 2006 for Outlook Anywhere involves the following steps:
1. Right Click Firewall Policy, click to new & select Exchange Web Client Access Publishing Rule
shown
2. On the welcome page, type the Name of the rule & click next to proceed.
3. Select Exchange Server 2007 & Outlook Anywhere (RPC/HTTPS) option as shown below & click
next.
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
34
4. Select Publish a single web site or load balancer & click next to proceed.
5. Select the Use SSL to connect … option as shown below & click next to proceed.
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
35
6. Type the internal site name & IP address of CAS Server as shown below, click Next.
7. Select the Options as specified below & type the public name & click next to proceed.
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
36
8. Select the same listener which was created earlier for OWA & click next to proceed.
9. Select the Basic authentication & click next to continue
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
37
10. Select All Authenticated Users & click on Remove. Then Click on Add
11. Select All Users & click on Add
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
38
12. Click on Next to proceed.
13. Click OK to following warning message.
14. Click Finish to complete the wizard.
Microland & Hirco Confidential
Document: ISA 2006 Installation and Configuration Document
39