publishing applications using SSL with ISA 2004

Discussion in 'Parallels Remote Application Server' started by danielk, Mar 22, 2007.

  1. danielk

    danielk Guest

    Would anyone like a how-to on this?
     
  2. jweldy

    jweldy Guest

    Yes, most definitely!
     
  3. fvsd52

    fvsd52 Guest

    I would also be interested in this. I can get everything internally with no issues, but I am having a hard time getting it to work from home. And I need that before I can replace Citrix.
     
  4. danielk

    danielk Guest

    how to

    OK, it's coming, just been really busy.
     
  5. danielk

    danielk Guest

    How-to... first draft; improvements and comments welcome.

    ISA Server by default will allow SSL connections only on the ports specified: 443 for HTTPS and 563 for NNTPS.

    I would not publish on 443 as the web proxy listens on this, nor would I disable the HTTP filtering, as has been suggested, and publish on 80.


    It makes sense to try your 2X configuration internally first before publishing.

    Either use the only other built-in port for SSL or, if you are using the secure NNTP (news) port, then you will need to extend the port range for SSL to allow other ports to be used on ISA.

    Check out this article on doing this:

    http://www.isaserver.org/articles/2004t ... range.html

    Or this:

    http://download.microsoft.com/download/ ... _Ports.doc

    You can extend the SSL port range without getting your hands dirty with some nifty tools over at www.isatools.org; either isatpre or isa tunnel port tool will do.


    I don't use NNTPS on my networks, so I am going to tunnel the traffic via port 563. That means I am lazy, but we are testing.

    Create a new server publishing rule:

    Give it a name.

    Add the IP address of the server you are publishing (2X gateway).

    Select NNTPS server, or any SSL port definition you have created.

    Select External for "listen for requests on".


    In the ports section under the Traffic tab, you can select an alternate port for the internal server you are publishing, i.e. you can map 563 from the external interface to 443 on the internal server,
    or you can choose to leave it as is and select port 563 as the SSL port on the 2X server.

    You can modify the default ports for the secure gateway on the client using ORCA, as discussed in the instructions.

    I am not going to detail the correct use of the self-signed certificate, but you can just disable the checking on the client.

    Now, if you want to publish applications on the web, assuming you have an SSL cert on your ISA and a pre-configured web listener:

    Create the web site in IIS as detailed in the instructions and use HTTP, no need for SSL. You can use the default port 80 on the website and another on 2X, or vice versa. Then all you need to do is create a secure web publishing rule from the ISA as detailed below.

    In ISA, go to create secure web publishing rule (different in ISA 2006, but you will get it).

    Give it a name such as "2X web publishing" or whatever.

    Choose SSL bridging.

    Then select Allow.

    Then select secure connection to clients only.

    Type the name of the server you are publishing.

    Add the path.

    Accept requests for your public name.

    Add any path mappings.

    Choose the web listener already created and off you go...

    This means you should be able to publish a secure website (with or without authentication) and allow clients to download a preconfigured 2X client.

    This client will then connect via secure tunnel over the port that you have defined to the 2X gateway.
     
