a while ago Microsoft released a security patch for ISA Server regarding two vulnerabilities: ISA Server stops accepting new requests after you configure Web publishing, Web proxy, or Automatic discovery and A cross-site scripting vulnerability in ISA Server 2006 allows for redirection to malicious sites.
This Microsoft KB has started many threads on www.isaserver.org
message boards about issues involving VPN and RDP protocols. Most of ISA admins know this problem, but none of them had a good workaround or solution.
The recommend action was to uninstall the security update. So, the services could still function as later. Of course, this was not the ideal workaround.
Today I was reading the message boards and find out one more thread about this problem, but it seems a member of www.isaserver.org
message boards (Josh) came up with a solution. Check it out:
1. Open the MMC for RRAS under Administrative Tools, right-click on the server name, and then click on Disable Routing and Remote Access. Click YES on the warning you get about having to reconfigure your RRAS. Then reboot the server again. When it comes up, it should enable RRAS again and establish the proper connections. At this point, I was able to VPN in, but not RDP.
2. To RDP, I had to access the Terminal Services Configuration MMC under Administrative Tools, and with the Connections folder highlighted in the left-hand column, double-click on the "RDP-Tcp" connection. Now go to the Network Adapter tab. In the filed that says Network Adapter, choose the NIC that is your Internal NIC only.
If you´re having this problem, it may worth follow this procedure.