RE: [LONG POST] Second Internal network behind leased line on ISA2004

Hi Tiago,
 
Is this a limitation of Dlink? Its a no brainer using L2TP/IPSec site to site 
VPN to denote multiple address ranges for the remote network.
 
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/> 
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> 
MVP -- ISA Firewalls

 


________________________________

        From: Tiago de Aviz [mailto:Tiago@xxxxxxxxxxxxxxx] 
        Sent: Tuesday, March 14, 2006 2:17 PM
        To: [ISAserver.org Discussion List]
        Subject: [isalist] RE: [LONG POST] Second Internal network behind 
leased line on ISA2004
        
        
        http://www.ISAserver.org
        
        I must specify in the D-link which is my remote and local networks.
         
        There (where I have the VPN Router):
        Remote network:              Local Network:
        192.168.1.0                      192.168.3.0
        mask 255.255.255.0          mask 255.255.255.0
        
         
        Here (where I have ISA):
        Local network:                  Remote Network:
        192.168.1.0                      192.168.3.0
        mask 255.255.255.0          mask 255.255.255.0
        
        When the tunnel is establishing, If I include 192.168.4.0 into the 
Internal Network object, the dlink router will receive that subnet as well as 
being Internal, since it is on ISA's Internal object, and the tunnel gets 
dropped.
         
        I can't specify on the dlink device that I have two remote networks on 
the other side of the tunnel. If I remove the 192.168.4.0 network from the 
Internal Object, the tunnel goes up immediately.
         
         
         
        Tiago de Aviz
        SoftSell - Curitiba
        (41) 3340-2363
        www.softsell.com.br 
         
        Esta mensagem, incluindo seus anexos, tem caráter confidencial e seu 
conteúdo é restrito ao destinatário da mensagem. Caso você tenha recebido esta 
mensagem por engano, queira por favor retorná-la ao destinatário e apagá-la de 
seus arquivos. Qualquer uso não autorizado, replicação ou disseminação desta 
mensagem ou parte dela é expressamente proibido. A SoftSell não é responsável 
pelo conteúdo ou a veracidade desta informação.
        

        >>> tshinder@xxxxxxxxxxx 14/3/2006 17:16 >>>
        
        http://www.ISAserver.org
        
        Hi Tiago,
         
        Why? Its in front of the ISA firewall.
         
        Thomas W Shinder, M.D.
        Site: www.isaserver.org <http://www.isaserver.org/> 
        Blog: http://blogs.isaserver.org/shinder/
        Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> 
        MVP -- ISA Firewalls

        ------------------------------------------------------
        List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
        ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
        ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
        ------------------------------------------------------
        Visit TechGenix.com for more information about our other sites:
        http://www.techgenix.com
        ------------------------------------------------------
        You are currently subscribed to this ISAserver.org Discussion List as: 
tshinder@xxxxxxxxxxxxxxxxxx
        To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
        Report abuse to listadmin@xxxxxxxxxxxxx 

Other related posts: