Microsoft manual ISA Server 2004 Configuration Guide Lab Configuration

The ISA Server 2004 Configuration Guide Lab Configuration

We will use a lab network configuration to demonstrate the capabilities and features of ISA Server 2004 in this ISA Server 2004 Configuration Guide. We recommend that you set up a test lab with a similar configuration. If you do not have the resources to create a physical test lab, you can use operating system virtualization software to create the test lab. We recommend that you use Microsoft’s Virtual PC software to create your test lab. You can find more information about Virtual PC at http://www.microsoft.com/windowsxp/virtualpc/.

In this section we will review the following:

•The ISA Server 2004 Configuration Guide network

•Installing Windows Server 2003 on the domain controller machine and then promoting the machine to a domain controller

•Installing Exchange Server 2003 on the domain controller and configuring the Outlook Web Access site to use Basic authentication

ISA Server 2004 Configuration Guide Network Diagram

The figure below depicts the lab network. There are 7 computers on the lab network. However, none of the scenarios we will work with in this ISA Server 2004 Configuration Guide requires all the machines to be running at the same time. This will make it easier for you to use operating system virtualization software to run your lab network.

The network has a local network and a remote network. There is an ISA Server 2004 firewall at the edge of the local and remote networks. All the machines on the local network are members of the msfirewall.org domain, including the ISA Server 2004 firewall machine. No other machines on the lab network are members of the domain.

On our lab network, the external interfaces of the ISA Server 2004 firewalls connect to the production network, which allows them access to the Internet. You should create a similar configuration so that you can test actual Internet connectivity for the clients behind the ISA Server 2004 firewalls.

If you are using operating system virtualization software, then you should note that there are three virtual networks in this lab setup. The Internal network (which contains the domain controller) is on a virtual network, the TRIHOMELAN1 machine on a perimeter network is on another virtual network, and the REMOTECLIENT machine is on a third virtual network. Make sure you separate these virtual networks by placing the machines on different virtual switches so as to prevent Ethernet broadcast traffic from causing unusual results.