Question: I'm trying to get Apple Remote Desktop to function through ISA Server. The standard definition of udp 3283 send/receive does not work. Any ideas?
Answer: Assuming Apple Remote Desktop needs only the one port (based on this article it seems like that's the case), here's how I'd go about setting it up:
You Will Need:
An ISA Server in either Firewall or Integrated mode - Server Publishing and SecureNAT are available only with these modes.
A Protocol Definition for UDP port 3283, Receive then Send - "Apple Remote Desktop Server". Server protocols are defined by the initial connection being made in the incoming direction (eg, TCP inbound, or UDP Receive/Receive,Send).
A Server Publishing Rule that uses the "Apple Remote Desktop Server" protocol and maps to an internal IP address (eg, an address in the LAT) of the client you want to connect to.
Because Server Publishing is essentially a SecureNAT connection in reverse, the client needs to know how to route back to an Internet address so the default gateway on the Mac should be set to the internal IP address of the ISA Server (for a simple network).
And that's pretty much it.
Untested (no Mac, no Remote Desktop, no opposable thumbs) but if the docs are correct, I think it should work. Either way, please leave a comment and let me know if it worked, or if this needs fixing.
If you're using ISA 2004, you can add port shenanigans to the publishing mix and publish different desktops on different ports; ISA 2000 constrains you to using the same port as on the internal machine.
If you are using Apple Remote Desktop 2 you need to allow access to port 5900 to both TCP and UDP. Port 3283 needs only UDP access only.