Register   |   Login   |   February 07, 2012    |   Knowledge Base  >  Knowledge Base Systems  >  ISA  >  Upgrading ISA 2004 EE to ISA2006 EE with configuration storage on the sam server
search:     

Phone: 480-722-1227
Toll Free: 888-722-1227
Home
       Video Player
Knowledge Base
       Research
Support
       Feed Reader
Contact
Unanswered Active Topics Forums Search
Upgrading ISA 2004 EE to ISA2006 EE with configuration storage on the sam server
Last Post 14 Jun 2009 11:59 PM by Vigilant CIO. 0 Replies.
Printer Friendly
Sort:
NextNext
You are not authorized to post a reply.
Author Messages
Vigilant CIOUser is Offline
Basic Member
Basic Member
Posts:360

--
14 Jun 2009 11:59 PM  

 ref  
 BB794804  
 ISAserver.org  

If for some reason you find that you have ISA2004 enterprise installed with the configuration storage server installed on the sam system, you will painfully learn that there is no direct upgrade path.

Best practices will indicate that the cfg storage server should not be installed on the same server for ISA2004 EE. However, that installation does not really provide any warning and actually trys to install both if you select the the default options. If you attempt to upgrade ISA 2006 EE, you will get an error that the cfg storage is installed and the install fails.

  1. To correct;
    1. Prior to adding a config storage server, you must add it into the enterprise replication topo> In ISA2004 mgmt>expand enterprise policeis>toolbox>Network objects>computer sets> add to "remote mgmt & replicate enterpris..." If you do not do this, replication will not work.
    2. If not already done, install ISA2004 configuration storage server and mgmt on another server (call it ISA002) but>but select the replicated storage option > and connect it to the orginalal ISA 2004 EE server (ISA001) that you are trying to upgrade
    3. Recycle isa the ISASTGCTRL service on both servers.
    4. on the server to be upgraded (ISA001), right click on the array>properties>configuration storage>add the array isa002.(FQDN), and remove isa001. then refresh and wait for the monitoring>configuration> indicate "synched...ISA002" and turn green.
    5. Now run the ISA2004 installer on ISA001 and select "modify" and remove the config storage server.
    6. You will now be able to follow the install steps on  BB794804 and bb794833  which basically says in the scenarios;
      1. Install isa2006 cfg on another server
      2. backup the isa2004 ee config (from the top ENTERPRISE level
      3. import that cconfig into the ISA2006 cfg storage server
      4. Then upgrade the isa2004 firewall (ISA001 in this example)
  2. Post Install;
    1. After the update, it is quite likely that many of your public web listener rules will not work. (this is because of the advanced web security setting that dont exist in isa2004)
    2. Symptom; " forbidden" or 501 error
    3. Corrective action; in firewall policies>protocols column (it is helpful to sort on this)
    4. Find your web listensers (firewall block with blue arrow)
    5. right click on each affected listener>properties>authentication tab>"advanced "button>check "allow client authentication over http" and acknowledge the warning button.
    6. Click ok and apply the rules normally
You are not authorized to post a reply.
Forums > Knowledge Base Systems > ISA
Active Forums 4.2
Copyright 2006 - 2011 Vigilant Support   |  Privacy Statement  |  Terms Of Use