Announcement

Collapse
No announcement yet.

Branch scenario in enterprise ISA

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Branch scenario in enterprise ISA

    hi
    I' m working in a project that consist of 2 sites. I decide to install ISA enterprise which contains a css in a separate server that join a domain called bestlife ,while installing the css I selected to install it in domain and workgroup environment and I exported a certificate called workstation ,after that i created 2 arrays the first array use windows authentication and the second use ssl authentication , i joined 2 servers to the domain bestlife and I succeeded to connect to the css to install ISA services and join them to the first array, then I made access rule to publish the css to the internet and put the server (that will be the 3rd isa joining the second array)in managed isa server computer set in the local configuration server in system policy so that i can install the third ISA(which is in workgroup) by connecting the css but while installing an error comes up telling me the following :
    setup failed to connect to the specified configuration storage server computer . this may be because the local computer needs to be added to the managed isa server computer set

    what should i do to install the third isa

  • #2
    Re: Branch scenario in enterprise ISA

    Well first do not double post and Second, how hard is it to understand to post in the correct forum????
    Moved again, previous one will be deleted.
    Marcel
    Technical Consultant
    Netherlands
    http://www.phetios.com
    http://blog.nessus.nl

    MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
    "No matter how secure, there is always the human factor."

    "Enjoy life today, tomorrow may never come."
    "If you're going through hell, keep going. ~Winston Churchill"

    Comment


    • #3
      Re: Branch scenario in enterprise ISA

      Well after trying to read your post multiple times I still don't fully understand what you're doing.
      Can you use normal sentences with dots and capital letters etc? Or in other words, can you type it in plain English?
      Marcel
      Technical Consultant
      Netherlands
      http://www.phetios.com
      http://blog.nessus.nl

      MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
      "No matter how secure, there is always the human factor."

      "Enjoy life today, tomorrow may never come."
      "If you're going through hell, keep going. ~Winston Churchill"

      Comment


      • #4
        Re: Branch scenario in enterprise ISA

        First, sorry about doubling the post, I accidentally click twice.

        My problem
        When I try to add an additional ISA 2004 ent server to an existing array I get the following error on the locate configuration storage server section of the setup.

        "Setup failed to connect to the specified Configuration storage server computer. This may be because the local computer needs to be added to the Managed ISA Servers computer set.
        Error code = 0x8007203a
        Error description = The server is not operational"

        Current setup is 2 isa servers, a separate CSS server. We are trying to add a 3rd ISA server.

        Two ISA servers and the CSS server are in the same domain. The 3rd I'm trying to add is in a workgroup. e.g.

        Array 1
        isa1 = isa1.bestlife.eg
        isa2 = isa2.bestlife.eg
        css = css.bestlife.eg

        Array 2
        isa3 which I try to join it to the css

        I verified the system policy and the new isa (isa3) is listed in the "local configuration storage server access" policy on the configuration storage server.

        NOTE: before installing css in (css.bestlife.eg) I install a computer certificate with the name (css.bestlife.eg) from a local certificate authority and export it. when I was installing css I selected the option (i'm deploying in a work group or in domains without trust ),so it asked me to browse to the certificate and I did and the installation was successful.


        I changed the properties of the array 2 in the configuration storage server tab as I made the authentication ssl instead of windows authentication

        I made a publish server access rule in order to let isa3 connect to the css

        I have installed a computer certificate with the name isa1.bestlife.eg in isa1 and the same for isa2 I have installed a computer certificate with the name isa2.bestlife.eg

        Second, I exported the self signed certificate from the local CA and installed it
        in the trusted root of the workgroup server (ISA3) in order to trust the certificate coming from css


        Please help...


        NOTE: before installing css in (css.bestlife.eg) I install a computer certificate with the name (css.bestlife.eg) from a local certificate authority and export it. when I was installing css I selected the option (i'm deploying in a work group or in domains without trust ),so it asked me to browse to the certificate and I did and the installation was successful.

        I changed the properties of the array 2 in the configuration storage server tab as I made the authentication ssl instead of windows authentication

        I made a publish server access rule in order to let isa3 connect to the css
        the published server is css ,listen to :external,from field:isa3

        I typed the IP and the name of css in the hostfile of isa3 and I checked that isa3 can resolve css.bestlife.eg

        I have installed a computer certificate with the name isa1.bestlife.eg in isa1 and the same for isa2 I have installed a computer certificate with the name isa2.bestlife.eg

        Second, I exported the self signed certificate from the local CA and installed it
        in the trusted root of the workgroup server (ISA3) in order to trust the certificate coming from css


        Please help...


        Comment

        Working...
        X