Found my answer for WS03 Migrating from Windows NT Server 4.0 to Windows Server 2003 http://tinyurl.com/ffmi NLB Support for L2TP/IPSec Traffic In Windowsâ2000, Network Load Balancing (NLB) could not manage IPSec security associations (SAs) among multiple servers. If a server in the cluster became unavailable, the SAs managed by that cluster were orphaned and eventually timed out. This meant that you could not cluster L2TP/IPSec VPN servers. You could use DNS round-robin for load distribution across multiple L2TP/IPSec VPN servers, but there was no fault tolerance. In the Windows Serverâ2003 family, NLB has been enhanced to provide clustering support for IPSec SAs. This means that you can create a cluster of L2TP/IPSec VPN servers, and NLB will provide both load balancing and fault tolerance for L2TP/IPSec traffic. This feature is provided only with Windows Serverâ2003, Enterprise Edition, and Windows Serverâ2003, Datacenter Edition. -----Original Message----- From: David V. Dellanno Sent: Friday, June 27, 2003 11:25 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: ISA/VPN NLB on Win2003 http://www.ISAserver.org So is it possible to puchase ISA Standard edition with Windows 2003 Standard edition to achive this? If so, will this cause certain issue with the firewall using NLB? -----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] Sent: Friday, June 27, 2003 11:22 AM To: [ISAserver.org Discussion List] Subject: [isalist] ISA/VPN NLB on Win2003 http://www.ISAserver.org Hey guys, I just had to share my joy. Multiple ISA firewalls running on Win2003 using NLB. PPTP and L2TP/IPSec -- SWEET and it works with WinXP SP1 and allow the other VPN clients that had a problem with the reponses coming from the "wrong" IP address. Next step is to check it out in VPN gateway to gateway mode. Two VPN gateways at the local site, two VPN gateways at the remote site. See if fail over works smoothly. One downside -- I still have to create the arrays the old way, the NLB Manager is a bit "flakey" for want of a better term and leads to more stress and strain then required. Create the NLB arrays the old fashioned way, no problem, and everything works. :-) I'd be happy to hear from anyone who's had a good experience with the Win2003 NLB Manager 'cause its always good to hear from the other side, and maybe I can learn a thing or two! HTH< Tom Thomas W Shinder www.isaserver.org/shinder <http://www.isaserver.org/shinder> ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp <http://tinyurl.com/1llp> ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: ddellanno@xxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: ddellanno@xxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.