RE: ISA Server and Outbound VPN
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Wed, 11 Jun 2003 21:15:44 -0500
Hi Greg,
First suspect is always layer 1: routers, cables, ISPs issues -- too
many people, including me, have VPN links stay up for hours or days
without problems. So, as long as your server is up to date, I have to
put ISA firewall related problems low on the list.
Try using L2TP/IPSec -- there are rumors, and nothing more than rumors,
that there's an issue with the control channel getting "stale", for want
of a better term. I don't know if it's a TCP protocol issue, or
something in the PPTP control command set. But sometimes changing to
L2TP helps.
Try switching from your high dollar Intel card with custom Intel drivers
to a cheapo Realtek or Linksys that has built in Win2k drivers. A number
of people have suggested that this has helped them too.
Make sure that there are no Remote Access Policies involved that direct
the servers or clients to drop the connection after "x" minutes of
inactivity.
Run a NetMon trace and catch the packets and see if anything interesting
happens right before the disconnect. Since the disconnect happens so
frequently, you won't have to wait long to get multiple examples.
HTH,
Tom
Thomas W Shinder
www.isaserver.org/shinder
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp
-----Original Message-----
From: Greg Wright [mailto:greg@xxxxxxxxxxxx]
Sent: Wednesday, June 11, 2003 9:09 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] ISA Server and Outbound VPN
http://www.ISAserver.org
Hi all,
I havent been able to keep an eye on the mailing list for quite some
time, and I know that in the past there has been some ISA VPN related
posts. The reason I am posting this, is I have a customer that has a
highly configured ISA system, with configuration for an outbounf VPN
connection to their ISP for internet access, and then a couple more
oubound vpn's connecting the office to a central office in the US.
The internet VPN connection is constantly dropping and redialling its
connection. While I was onsite, the VPN never stayed up longer than 5
minutes.
Has anyone got any clues, recommendations or suggestions about issues
relating to VPN calls, ISA quirks etc?
I expect it will be just a matter of troubleshooting it, but I wondered
if anyone could give me a heads up before I get onsite.
Thanks,
Greg
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
Other related posts:
