RE: IPSEC/L2TP VPN on ISA Server

  • From: "David Haam" <DavidH@xxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Tue, 28 Aug 2001 10:09:06 -0700

Just a couple of things to keep in mind for your scenario.
 
* with a "site-to-site" VPN, you might want to use straight IPSec
without L2TP (L2TP buys you advantages in ease of
implementation/configuration if you have client-to-site VPNs).
* NAT is not supported on the ends of the IPSec tunnel. However, as long
as you're terminating the tunnel (e.g. ISA server at each end with real
IPs), you'll be fine.
* the PKI (Certs) side of encryption is probably the toughest part of
IPSec. You can do a shared-key IPSec tunnel, but I would only suggest
that for testing/short-term until your PKI is in place.
 

        -----Original Message----- 
        From: Thomas W. Shinder 
        Sent: Tue 8/28/2001 9:58 AM 
        To: [ISAserver.org Discussion List] 
        Cc: 
        Subject: [isalist] RE: IPSEC/L2TP VPN on ISA Server
        
        

        http://www.ISAserver.org
        
        
        Hi Nick,
        
        We didn't go into the intricacies of VPN, because that's for a
        future book :-)
        
        L2TP/IPSec tunnels are another ballgame completely. PPTP is plug
        and play. L2TP/IPSec requires some planning. However, check out
        Q240262 if you don't want to break your brain on Certificate
        Server :-)
        
        HTH,
        Tom
        www.isaserver.org/shinder
        
        
        Thomas W Shinder, M.D., MCSE, MCT
        
        -----Original Message-----
        From: Nicholas Palmer [ mailto:NICK@xxxxxxxxxxx]
        Sent: Tuesday, August 28, 2001 11:10 AM
        To: [ISAserver.org Discussion List]
        Subject: [isalist] IPSEC/L2TP VPN on ISA Server
        
        
        
        
        Hi all,
        I've got a question about setting up a Server to Server VPN.  I
        followed the example in the back of Tom's book to set up a VPN
        between two different Servers (both with ISA), and everything
        seems to work OK.  Well, it works OK when I use PPTP as the
        Authentication protocol.  If I try to use IPSEC it fails to
        Authenticate.  I've read somewhere in Tom's book about an IPSEC
        driver that needs to be installed, but I've also seen that you
        can't do IPSEC if you are doing NAT, which ISA does, right?  So
        what is the answer here?
        Thanks in advance,
        Nick.
        ____________________
        Nicholas Palmer
        KCI Computing, Inc.
        (nick@xxxxxxxxxxx)
        
        
