|   Login    |   September 25, 2020    |   Knowledge Base  >  Knowledge Base Systems  >  ISA  >  Upgrading ISA 2004 EE to ISA2006 EE with configuration storage on the sam server
Phone: (480) 722-1227
Toll Free: (888) 722-1227
Upgrading ISA 2004 EE to ISA2006 EE with configuration storage on the sam server
Last Post 14 Jun 2009 11:59 PM by Vigilant CIO. 0 Replies.
Printer Friendly
You are not authorized to post a reply.
Author Messages
Vigilant CIOUser is Offline
Basic Member
Basic Member

14 Jun 2009 11:59 PM  


If for some reason you find that you have ISA2004 enterprise installed with the configuration storage server installed on the sam system, you will painfully learn that there is no direct upgrade path.

Best practices will indicate that the cfg storage server should not be installed on the same server for ISA2004 EE. However, that installation does not really provide any warning and actually trys to install both if you select the the default options. If you attempt to upgrade ISA 2006 EE, you will get an error that the cfg storage is installed and the install fails.

  1. To correct;
    1. Prior to adding a config storage server, you must add it into the enterprise replication topo> In ISA2004 mgmt>expand enterprise policeis>toolbox>Network objects>computer sets> add to "remote mgmt & replicate enterpris..." If you do not do this, replication will not work.
    2. If not already done, install ISA2004 configuration storage server and mgmt on another server (call it ISA002) but>but select the replicated storage option > and connect it to the orginalal ISA 2004 EE server (ISA001) that you are trying to upgrade
    3. Recycle isa the ISASTGCTRL service on both servers.
    4. on the server to be upgraded (ISA001), right click on the array>properties>configuration storage>add the array isa002.(FQDN), and remove isa001. then refresh and wait for the monitoring>configuration> indicate "synched...ISA002" and turn green.
    5. Now run the ISA2004 installer on ISA001 and select "modify" and remove the config storage server.
    6. You will now be able to follow the install steps on  BB794804 and bb794833  which basically says in the scenarios;
      1. Install isa2006 cfg on another server
      2. backup the isa2004 ee config (from the top ENTERPRISE level
      3. import that cconfig into the ISA2006 cfg storage server
      4. Then upgrade the isa2004 firewall (ISA001 in this example)
  2. Post Install;
    1. After the update, it is quite likely that many of your public web listener rules will not work. (this is because of the advanced web security setting that dont exist in isa2004)
    2. Symptom; " forbidden" or 501 error
    3. Corrective action; in firewall policies>protocols column (it is helpful to sort on this)
    4. Find your web listensers (firewall block with blue arrow)
    5. right click on each affected listener>properties>authentication tab>"advanced "button>check "allow client authentication over http" and acknowledge the warning button.
    6. Click ok and apply the rules normally
You are not authorized to post a reply.

Active Forums 4.2
Vigilant Technologies
Vigilant Technologies is a certified 8(a), Veteran Owned company headquartered in Chandler, Arizona. We provide products, services and enterprise-wide integration of innovative IT solutions to commercial, Federal, State and Local government clients. Our Leading edge services include Private/Hybrid Cloud, Server Consolidation, Visualization implementation, and Infrastructure Management.
Engage with us
Copyright 2006 - 2013 Vigilant Support   |  Privacy Statement  |  Terms Of Use
Uluslararası evden eve nakliyat