For all client requests, ISA Server processes the request by analyzing rules and determining if access is allowed. If the client request is allowed, then ISA Server dynamically opens the ports required for the communication.
For applications that run on the ISA Server computer, you must configure Internet Protocol (IP) packet filters, which statically open ports to allow the requested communication. For more information, see IP packet filters.
For example, if you want to run Internet Information Services (IIS) on the same computer as ISA Server, you should create an IP packet filter with the following parameters:
• Packet filter is only on the computer with IIS. (Select Only this server.)
• Filter mode is Allow packet transmission.
• Filter type is Custom.
• IP Protocol is TCP.
• Direction is Inbound.
• Local Port is Fixed Port, 80.
• Remote Port is All ports.
For a detailed description of how to configure ISA Server in this scenario, see Using packet filters to publish a Web server on the ISA Server computer.
In another scenario, you might want to run Outlook Express on the ISA Server computer to access Simple Mail Transfer Protocol (SMTP), Post Office Protocol (POP), and Network News Transfer Protocol (NNTP) servers on the Internet. You should create the following IP packet filters:
• An IP packet filter that allows the POP3 protocol, configured with the following custom properties:
• An IP packet filter that allows the SMTP protocol, configured with the following custom properties:
• An IP packet filter that allows the NNTP protocol, configured with the following custom properties:
If ISA Server is functioning as your firewall, then you should avoid statically opening ports (by creating IP packet filters) for other services and applications on the computer.
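The following added example (not ISA Server code, and not from the original documentation) models the IIS packet filter described above and shows which connection attempts it statically admits, then lists inbound filters that open ports outside an approved set. The record layout, field names, the approved list and the second filter are assumptions made for illustration; dynamic port opening by access rules is not modelled.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class PacketFilter:            # hypothetical record; field names are assumptions
    name: str
    protocol: str              # "TCP" or "UDP"
    direction: str             # "Inbound" or "Outbound", relative to the ISA Server computer
    local_port: Optional[int]  # None models "All ports"
    remote_port: Optional[int] # None models "All ports"

@dataclass(frozen=True)
class Connection:              # a connection attempt to or from the ISA Server computer
    protocol: str
    direction: str
    local_port: int
    remote_port: int

def matches(f: PacketFilter, c: Connection) -> bool:
    return (f.protocol == c.protocol and f.direction == c.direction
            and f.local_port in (None, c.local_port)
            and f.remote_port in (None, c.remote_port))

def allowed(filters, conn) -> bool:
    # Assumption of this model: nothing is open unless an allow filter matches.
    return any(matches(f, conn) for f in filters)

def unapproved_inbound(filters, approved):
    """Names of filters that statically open an inbound (protocol, port) not in `approved`."""
    return [f.name for f in filters
            if f.direction == "Inbound" and (f.protocol, f.local_port) not in approved]

# The IIS filter with the parameters listed on this page.
IIS = PacketFilter("IIS on ISA Server computer", "TCP", "Inbound", 80, None)
# Constructed sample of a leftover filter for another local service.
LEFTOVER = PacketFilter("Leftover FTP filter (constructed)", "TCP", "Inbound", 21, None)

if __name__ == "__main__":
    for conn in (Connection("TCP", "Inbound", 80, 51515),
                 Connection("TCP", "Inbound", 443, 51515),
                 Connection("UDP", "Inbound", 80, 51515)):
        print(conn, "->", "allow" if allowed([IIS], conn) else "drop")
    print("review:", unapproved_inbound([IIS, LEFTOVER], {("TCP", 80)}))
```
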
If you use a Web browser on the ISA Server computer, you must configure the browser to use the IP address of the server network adapter that is connected to the internal network. Do not use the server computer name or DNS name.
If you configure the browser on the server to use the computer name or DNS name, the name is resolved to the IP address of the external network interface connected to the Internet. When this occurs, requests from the browser are denied because the local address table (LAT) does not contain the external IP address. Consequently, you must configure the browser on the server to connect through the Web Proxy service.