To open ISA Server Management, click Start, point to
All Programs, point to Microsoft ISA Server, and then
click ISA Server Management.
For ISA Server 2006 Enterprise Edition, expand
Microsoft Internet Security and Acceleration
Server 2006, expand Arrays, expand
Array_Name, and then click Virtual Private
For ISA Server 2006 Standard Edition, expand Microsoft
Internet Security and Acceleration Server 2006, expand
Server_Name, and then click Virtual Private
When you enable VPN client access, a system policy rule named
Allow VPN clients to firewall is enabled.
After enabling remote client VPN access, a default network rule
is enabled to establish a routing relationship between the Internal
network and the two VPN clients networks (VPN Clients and
Quarantined VPN Clients).
You should create access rules to allow appropriate access to
VPN clients. For example, you can create a rule to allow access
from the VPN Clients network to the Internal network on all
protocols or for specific protocols.
When you configure VPN client access in ISA Server 2004 to
specify which local groups have remote access, you can add only the
You cannot add other local built-in groups, such as Administrators,
Backup Operators, or Power Users. This is because the other local
groups are generic. The VPN server cannot distinguish between local
administrators and domain administrators.