Microsoft 2004 Manuel D’Utilisation

ISA Server 2004 Configuration Guide 16 

Introduction 

Microsoft Certificate Services can be installed on the domain controller on the internal 
network and issue certificates to hosts within the internal network domain, as well as to hosts 
that are not members of the Internal network domain. We will use certificates in a variety of 
configuration scenarios in this ISA Server 2004 Configuration Guide series, including to 
accomplish the following: 

•  Allow the ISA Server 2004 firewall to use the L2TP/IPSec VPN protocol for a site-to-site 

VPN link 

•  Allow the ISA Server 2004 firewall to use the L2TP/IPSec VPN protocol for a VPN client 

connection from a remote access VPN client 

•  Enable remote users to access the Outlook Web Access site using highly secure SSL-to-

SSL bridged connections 

•  Publish secure Exchange SMTP and POP3 services to the Internet 

The certificates enable us to use SSL/TLS security. The SSL (Secure Sockets Layer) protocol 
is a session layer protocol that encrypts data moving between the client and server machines. 
SSL security is considered the current standard for providing secure remote access to Web 
sites. In addition, certificates can be used to confirm the identity of VPN clients and servers so 
that mutual machine authentication can be performed. 

In this document we will discuss the following procedures: 

•  Installing Internet Information Services 6.0 to support the Certificate Authority’s Web 

enrollment site 

•  Installing Microsoft Certificate Services in Enterprise CA mode