ISA 2004 and iGoldmine

A few months ago I moved my sales staff to a new server. This put them on a seperate network with it's own internet connection. I have needed to get iGoldmine up and working but I had not done that. Until today. And it was a pain, which I actually started day before yesterday. The first nightmare was that my machine wouldn't reboot after installing iGoldmine. Turns out they have an incompatibility with one of the microsoft updates.
This is always a problem with goldmine. I am not real pleased with igoldmine but I have no other options owing to the fact that we use goldmine and want remote access. Anyway, the solution was to apply the iGoldmine patch in safe mode. Then I had to remove an icompatible windows patch after that. Pain in the but. This is a patch from back in April, 4 months ago. You would think they would get it fixed.
Anyway, after getting it installed, it worked from inside the firewall, but not outside. Goldmine tech support of course was of no assistance and said they dont' support firewall configurations, which is typical of their support, they are extremely unhelpful even though I am sure they have thousands of customers with the same issues. I didn't find much, other than people asking the same questions, in the forums.
So here is how I finally got iGoldmine working through my ISA 2004 firewall(I know you might think it so much more than a firewall and it may well be, whatever).
I am on Small Business Sever 2003, if that makes any difference to you

1. Open "Microsoft Internet Security and Acceleration Server" Management Console.
2. Click on your server
3. Click on "Firewall Policy"
4. Right click and chooose New/Access Rule (or click "Create a New Access Rule" int he task menu.
5. Name it what you want, I chose "iGoldmine". Click Next
6. Choose "Allow". click next.
7. For "This rule applies to" choose "Selected Protocols"
8. Click Add
9. Now you are at the "Add Protocols" Window.
10. You will notice at the top of the protocol "type" list there is 3 menus. New, Edit Delete. Edit and Delete may be grayed out if you haven't selected a protocol
11. Click New, then Choose Protocol
12. Give it a name, I like to confuse myself so I called it "iGoldmine". Same name, but this is a protocol and not an access rule.
13. Choose New in the "New Protocol Definition Wizard"
14. You want the following: Protocol Type:TCP, Direction:Outbound:Port Range from 491 to 491. Probably the only changes you need to make are to the port range values, the rest are probably defaulted correctly.
15. Click Ok
16. Click new again
17. This was the one that got me. You need an inbound filter for port 80.
18. Protocol Type:TCP, Direction:Inbound, Port Range From 80 to 80. If you don't use port 80 you will need to change this in the iGoldmine cluster manager, but you do have that option
19. Click ok
20. Click Next
21. Choose No on Secondary Connection, Click next.
22. Click Finish
23. No to add them you will need to find them in the "Add protocols" window. Probably the easiest is to choose All protocols and find them in alphabetical order. You ned to choose the ones you just added and click add to add them to the protocols section of the New Access Rule Wizard.
24. Click close once you have done that.
25. Click next
26. Access Rule Sources. Choose External. Click next
27. Access Rule Destinations. Choose "Local Host"
28. Click next
29. Leave default "All Users", Click next
30. Click Finish.

That should do the trick. It should work immediately.
The next problem I had was giving users log on local rights. I was able to logon immediately after the above as an admin on the iGoldmine server, but regular users could not until I made some changes. I will talk abou that in my next post.