If the packet filtering options provided by the Small Business Server Internet Connection Wizard did not provide a filtering option required for your network, you must create a new IP packet filter using the ISA Management snap-in. Note that packet filters create a static opening in the firewall, and only allow access to the Small Business Server computer, not to clients on the local network.

To create a custom packet filter

1. Open ISA Management. (Click Start, and then click Small Business Server Administrator Console. Double-click Internet Security and Acceleration Server 2000.)
2. Double-click Access Policy.
3. Right-click IP Packet Filters, and then click New. The New IP Packet Filter Wizard appears.
4. On the Welcome page, enter a name for the IP packet filter name field.
5. On the Filter Mode page, accept the default of Allow packet transmission if you want to permit the traffic; otherwise select Block packet transmission.
6. On the Filter Type page, select a predefined filter from the drop-down list. If a predefined filter is not available, select Custom. If you select Custom, you must then enter the protocol used, communication direction, and any filter-specific information on the Filter Settings page.
7. On the Local Computer page, accept the default of Default IP address for each external interface on the ISA Server computer.
8. On the Remote Computers page, accept the default of All remote computers; otherwise, select Only this remote computer and enter the remote computer's IP address.
9. Click Finish on the Completing the New IP Packet Filter Wizard page.
10. Restart the Firewall service.
11. In the console tree, under ISA Management, double-click Monitoring, and then select Services.
12. In the details pane, restart each of the ISA Server services to which the new filter will be applied. Right-click the service, and then click Stop. Once the service is stopped, right-click the service, and then click Start.