Wednesday, June 9, 2010

Enable DNS Autodiscovery for ISA 2006 Server/Client

If you assign DHCP addresses on your network and you have DHCP Autodiscovery record for ISA clients enabled then you will not have problem with ISA client configuration and IE Proxy Server settings on IE.


But the problem starts when you have static IP addresses and DNS Autodiscovery does not work.

In that case Proxy settings on IE are not applied. If you want to use GPO to configure Proxy Server settings on IE you'll see that is not possible. Locally installed ISA client does not permit change of this setting using GPO. If you remove ISA client that GPO is applied without any problem to IE and IE Proxy Server setting is configured.

If you want Proxy Server settings to be applied to IE when you have static IP address configured, you have two choices:
- Remove ISA client or
- Enable DNS Autodiscovery Process

Let's review the second possibility:

DNS Autodiscovery process for ISA 2006 is not enabled by default. You should enable on ISA console. If you want to use DNS Autodiscovery you should change the port from 8080 to 80 because DNS does not recognize 8080 request.

In this case when you change this port also if you want DHCP Autodiscovery to work the port on DHCP settings has to be changed from 8080 to 80.

http://your_ISA_Server:80/Wpad.dat

Next step is to update your DNS server with Host A record wpad.yourdomain to point to actual ISA server. This is neccesery because DNS Autodiscovery is asking for http://wpad/wpad.dat and http://wpad/wspad.dat. You can easely test if DNS Autodiscovery works when you past http://wpad/wpad.dat and http://wpad/wspad.dat in IE. If you get this file then DNS Autodiscovery works.

If you try to ping wpad.yourdomain you can see that is not possible. This is because wpad is blocked by default from Windows 2008R2 DNS. What you should do is to unblock it.

dnscmd [] /config /enableglobalqueryblocklist 0

Here is MS article for more information:
http://technet.microsoft.com/en-us/library/ee649250(WS.10).aspx

When this is change is done then DNS Autodiscovery will start to work !!!

Just click on Detect Now on ISA Client and your ISA Server will be Automatically detected.

No comments:

Post a Comment