ISA Firewall Best Practices, Tips and Tricks (Part 1)
I have been having some intermittent problems. The error message pointed my in the direction of my DNS configuration so I compared my configuration to the Best Practices recommended in this document. Since my configuration was setup during the ISA 2004 install, everything should be standard. I did find two things did not match up.
- The WAN adapter DNS setting was pointed at the intranet DNS server. I blanked this parameter out in the GUI. This set the DNS configuration to get it automatically from the router.
- There were no local addresses configured in the Web Browser tab for the internal network. I added the loop back network and the local network addresses.
I also installed the Beta Release of Copylattowebproxy Script. I looked at the script and I think it populates the direct access address ranges in the web browser tab. It appears to do the same thing I just finished doing by hand but I cannot imagine why someone would create a script to do what you can do so easily by hand.
It will probably will take me some time to figure out if these changes made a difference.