Upgrading ISA Server 2000 Publishing Policy Configuration
ISA Server 2000 publishing rules are upgraded to ISA Server 2004, as detailed in the following sections.
Server publishing rules
For each server publishing rule on ISA Server 2000, a corresponding server publishing rule is created on ISA Server 2004. Some properties are modified during the upgrade process, as detailed below.
| Property | ISA Server 2000 Value | ISA Server 2004 Value |
|---|---|---|
| Action | IP address of server on Internal network | To is set to computer object with the specific IP address |
| External IP address | IP address of External listener is set to the specific IP address. | |
| Protocol | Same as ISA Server 2000 | |
| Applies To | Any request | Source network is set to External and From is set to All Users |
| Client address sets | From is set to a computer set with the specific IP addresses in the client address set | |
| User and group | Source network is set to External and From is set to All Users |
Users can configure an ISA Server 2000 registry key, UseISAAddressInPublishing that determines whether proxying is enabled. If the registry key is configured on the ISA Server 2000 computer, then the Enable proxy checkbox is selected on ISA Server 2004.
Note that the actual IP address of the external NIC on the original ISA Server 2000 computer is saved in the XML file with the configuration information. If ISA Server 2004 is installed on a different computer, you must correct the IP address after you import the XML file.
Web publishing rules
For each Web publishing rule on ISA Server 2000, a corresponding Web publishing rule is created on ISA Server 2004. Some properties are modified during the upgrade process, as detailed below.
| Property | ISA Server 2000 Value | ISA Server 2004 Value |
|---|---|---|
| Action | Discard the request | Denied. Rule is ordered first after the denied access rules. |
| Redirect the request | Allowed. To is set to the computer specified on ISA Server 2000. | |
| Send the original request | Same as ISA Server 2000. To is set to the computer specified on ISA Server 2000. | |
| Port selection | Same as ISA Server 2000, specified on the Bridging tab. | |
| Destination | All destinations | Not supported; the rule is not exported. A log message is generated. |
| All internal | Not supported; the rule is not exported. A log message is generated. | |
| All external | All requests | |
| Selected destination set to single IP address or domain | On ISA Server 2004, more than one Web publishing rule may be created if the specified ISA server 2000 Web publishing rule was applied to multiple public destinations. | |
| Selected destination set to range of IP addresses | Set to first IP address in the range. | |
| All destinations except selected | Not supported; the rule is not exported. A log message is generated. | |
| Bridging | HTTP to HTTP and SSL to HTTP | Same |
| HTTP to HTTP and SSL to SSL | Same | |
| HTTP to SSL and SSL to SSL | Same | |
| HTTP to FTP and SSL to FTP | Same | |
| HTTP to HTTP and SSL to FTP | HTTP to HTTP and SSL to SSL | |
| HTTP to SSL and SSL to HTTP | HTTP to HTTP and SSL to SSL | |
| HTTP to SSL and SSL to FTP | HTTP to HTTP and SSL to SSL | |
| HTTP to FTP and SSL to HTTP | HTTP to HTTP and SSL to SSL | |
| HTTP to FTP and SSL to SSL | HTTP to HTTP and SSL to SSL |
On ISA Server 2000, Web listeners are implicitly assigned for each Web publishing rule. For ISA Server 2004, the Web listener is explicitly assigned to each Web publishing rule.
If an ISA Server 2000 Web publishing rule applies to more than one listener, then corresponding ISA Server 2004 Web publishing rules are created for each ISA Server 2000 Web listener. For example, if an ISA Server 2000 Web publishing rule applies to three Web listeners, then three ISA Server 2004 Web publishing rules are created, one for each Web listener specified in the original ISA Server 2000 Web publishing rule.
If an ISA Server 2000 Web publishing rule applies to a destination set that includes two or more different IP addresses (or domain names) and two or more different paths, then ISA Server 2004 Web publishing rules are created for each pair of IP addresses and paths.
Note that the actual IP address of the external NIC on the original ISA Server 2000 computer is saved in the XML file with the configuration information. If ISA Server 2004 is installed on a different computer, you must correct the IP address after you import the XML file.
In ISA Server 2000, a Web publishing rule can apply to a destination set with an empty path. For this beta release, when the rule is upgraded to ISA Server 2004, you must set the rule's internal path to /*.
Naming Conventions
The table below details the naming conventions for the new publishing rules.
| ISA Server 2000 Rule | ISA Server 2004 Rule Name | Example |
|---|---|---|
| Server publishing rule | ISANumber-ISA_Rule_Name | ISA12-PublishSMTP |
| Web publishing rule | ISANumber-ISA_Rule_Name for Listener_Name for domain/path | ISA13-Publishing for External IP: 122.11.223.123 for microsoft.com/foo |
