I currently have a problem with VPN access through my ISA 2004 std ed server.
So far, ISA is working well as a proxy and firewall. All clients from the LAN are able to browse the internet as proxy clients (proxy details configured in IE). The problem occurs when I try to set ISA up as a VPN server.
Here is my current setup:
All servers running Windows 2003 Server Std Edition R2
___________________________________________________________

         |----------|
         | Internet |
         |----------|
              |
              |   Router WAN interface: Static IP and DNS servers provided by ISP
              |
     |---------------------|
     | DSL Router/firewall |
     |---------------------|
              |
              |   Router LAN Interface - IP addr: 192.168.10.1
              |
              |   ISA External Interface -
              |     IP: 192.168.10.2/24
 Outside      |     Def gw: 192.168.10.1 (router lan interface)
              |     DNS: none
         |------------|
=========| ISA Server |=====================================
         |------------|
 (inside)     |   ISA Internal Interface -
              |     IP: 192.168.1.10/24
              |     Def gw: none
              |     DNS: 192.168.1.11 (DC)
              |
        |------------|            |--------|  IP: 192.168.1.12/24
        | LAN Switch |------------| client |  Def GW: 192.168.1.11 (DC)
        |------------|            |--------|  DNS: 192.168.1.11 (DC)
              |
              |
     |-------------------|
     | Domain controller |
     |-------------------|
Domain Controller: set up with DNS forwarding to ISP's DNS servers for non-local domain info
IP address: 192.168.1.11/24
Def GW: 192.168.1.10 (ISA internal interface)
DNS: 192.168.1.11
___________________________________________________________________________________________________
I have gone through the default process:
- Ensured VPN client access is enabled
- Specified Windows groups that are allowed VPN access
- Enabled PPTP and L2TP
- Remote access config: access network: internal; address assignment: static pool (192.168.100.100/150); internal network used for DNS; authentication: MS Chap v2; RADIUS not used
- Firewall Access:
Action: allow; Protocols: All outbound traffic; from/listener: VPN clients; to: internal; condition: All users
- network rules: left default/unchanged "VPN clients to internal network"
I have opened up all VPN ports on the DSL router/firewall to ISA's external NIC (192.168.10.2).
But still, I cannot connect via VPN from another network. Err: the remote computer did not respond.
I have tested VPN without ISA, and it works, so it means there's nothing wrong with the router/firewall.
Any help would really be appreciated.