Proxy, Security

Problem running ISA en IAS on the same server

René Jorissen on March 19, 2010 3 Comments • Tags: #default #ias #isa #isaserverdefaultpolicy #policy #same #server

Today I had some problems running ISA 2004 en IAS on the same server. At the beginning the customer was running ISA 2000 and IAS on the same server without any problems. By incident, the customer was forced to upgrade his ISA. They had a 2004 license, so ISA 2004 it was.

I noticed that ISA 2004 puts a “Default ISA policy” with the highest priority in the remote access policies. The rule blocks all RADIUS requests, so I had to manually remove the access policy. After the removal everything was working fine again.

I had to change the configuration in the ISA server again and the “Default ISA policy” came back in IAS. So I had to delete the rule again. I also tried to change the priority of the rule, but the “Default ISA policy” gets the highest priority again after applying a change in ISA.

I cannot find anything specific about this problem on the internet, so maybe someone experienced this before and can provide me with an answer to disable this behavior.

ISA Default Policy

The following two tabs change content below.

René Jorissen

Co-owner and Solution Specialist at 4IP Solutions
René Jorissen works as Solution Specialist for 4IP in the Netherlands. Network Infrastructures are the primary focus. René works with equipment of multiple vendors, like Cisco, Aruba Networks, FortiNet, HP Networking, Juniper Networks, RSA SecurID, AeroHive, Microsoft and many more. René is Aruba Certified Edge Expert (ACEX #26), Aruba Certified Mobility Expert (ACMX #438), Aruba Certified ClearPass Expert (ACCX #725), Aruba Certified Design Expert (ACDX #760), CCNP R&S, FCNSP and Certified Ethical Hacker (CEF) certified. You can follow René on Twitter and LinkedIn.

Latest posts by René Jorissen (see all)

  1. Alexander says:

    I have seen that problem before even with ISA and IAS on separate machines. Somehow the rule order changed with the default policy on top. The result was the same as in your situation. Everybody did get an access denied.

  2. Carsten says:

    long time has passed, but the problem still exist. I am forced to run ISA and IAS on one machine and end up in this problem, too. I found this articel today:
    See: “ISA Server Overwrites Routing and Remote Access Settings”

    Don’t know jet, if it works.
    Any solution from Your site?


  3. Carsten,

    I haven’t troubleshooted the problem further. I just installed two separate machines. This fixed the problem for me.

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.