Issue with Disabling VPN Access to ISA Proxy Server

When working with ISA 2004, be very careful when disabling unneeded functionality. I had an issue arise after disabling VPN access to a customer's ISA proxy server. After the configuration was changed, ISA promptly uninstalled RRAS which disabled all routing capabilities of the box. Unfortunately, from what I have been able to gather, ISA is NOT able to dynamically build the routing table based on network ranges specified in the "Internal Network" area. I think this partly because you must specify addresses ranges not subnets and not all address ranges can be converted to a proper classless networks. In, it explains that the ISA server must be able to reach each network that is specified in the "Internal Network" area via its routing table. So, from what I have been able to gather you must either use RRAS to create the static routes or put persistent routes into the routing table using "route add <network> mask <subnet mask> <gateway> -p"

Networking ISA ISA 2004