Issue with Disabling VPN Access to ISA Proxy Server

When working with ISA 2004, be very careful when disabling unneeded functionality. I had an issue arise after disabling VPN access to a customer's ISA proxy server. After the configuration was changed, ISA promptly uninstalled RRAS which disabled all routing capabilities of the box. Unfortunately, from what I have been able to gather, ISA is NOT able to dynamically build the routing table based on network ranges specified in the "Internal Network" area. I think this partly because you must specify addresses ranges not subnets and not all address ranges can be converted to a proper classless networks. In http://www.microsoft.com/technet/isa/2004/plan/bp_networks.mspx, it explains that the ISA server must be able to reach each network that is specified in the "Internal Network" area via its routing table. So, from what I have been able to gather you must either use RRAS to create the static routes or put persistent routes into the routing table using "route add <network> mask <subnet mask> <gateway> -p"

Networking ISA ISA 2004