Have not played with IAS for years. Is there a reason why you dont want to allow "all traffic" from you internal range to that server. That is, if you trust your inside network then its much easier to block the ports you dont want if you are looking for "full" access to that server. If you want minim access, work out the what you want your inside range to do then look up the ports needed for each of those services. You may need to open ports for the server to talk to your inside network as well.
ie:
Server to inside range : what ever is needed
inside range to Server : what ever is needed
inside to outside : what ever is needed/allowed
outside to inside : and all that nat stuff...
This would be a good place to start.
Bookmarks