ISA in SBS - yes, it's secure

A central location for SBS ISA specific configuration information relevant to small consulting practices and others smart enough to use the best technology in the world.

Lingo - The Talk of Broadband

Wednesday, April 25, 2007

Publishing AuthAnvil Self Service Token Enrollment

In using AuthAnvil to create a secure two-factor remote access for the SBS servers we manage it was decided that we'd like to allow users to Enroll the Cryptocard token we've provided themselve. AuthAnvil allows this through a self service token enroll website located on IIS. We'll use SSL to publish this site.

  1. Click Publish a Web Server. Call it AuthAnvil Token Enroll.
  2. Click Next, Choose Allow, Click Next.
  3. The server name will be publishing.yourinternaldomain.local. Check Forward the orginal host header. The path will be /AuthEnroll/* The public name is the DNS name of your server, for example: Click Next.
  4. Choose the SBS Web Listener. Click Next.
  5. Leave All Users. Click Next.
  6. Click Next, until done. Then Click Finish.
  7. Make sure your rule is at the bottom of the other publishing rules in your server. This will make it rule 6 or so.
  8. Right click on it and select Properties
  9. On the Bridging tab make sure SSL is checked
  10. On the To tab check to make sure your server name is correct, the check box is checked and the radio button for requests appear to come from the ISA server is selected.
  11. On the Public Name tab make sure the public DNS name of your server is listed and is correct.
  12. Click OK.
  13. Press the Apply button for this rule to take effect.


Post a Comment

<< Home