RE: PPTP & L2TP VPN Tunnels

• From: "Thomas W Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Sun, 2 Mar 2003 20:03:14 -0600

Hi Glenn,
 
Only one side should dial up. That's what I mean about needing to update
the article. If you already understand demand dial interfaces, you
should be able to do this without problem. If not, then stay tuned for
the update. But you might be better off by setting only the remote side
as permanent and only the remote side should redial on link failure.
 
Thanks!
Tom

Thomas W Shinder 
www.isaserver.org/shinder 
ISA Server and Beyond: http://tinyurl.com/1jq1 
Configuring ISA Server: http://tinyurl.com/1llp 

        -----Original Message-----
        From: Glenn Maks [mailto:gmaks@xxxxxxxxx] 
        Sent: Friday, February 28, 2003 3:04 PM
        To: [ISAserver.org Discussion List]
        Subject: [isalist] RE: PPTP & L2TP VPN Tunnels
        
        
        http://www.ISAserver.org
        
        
        Answering Tom's question, No, the tunnel does not enable when a
client behind the ISA server makes a request. Casey, I have been reading
about the requirement of a Certificate server when  building VPN tunnels
with ISA. I have installed the Cert service on one of the ISA servers
and issued a Cert to the Remote ISA server, still the tunnel dies on me,
the setting is also set to persistent? I don't think that DHCP would
cause this type of issue, it seems to be more of a authentication and
validation problem?

                -----Original Message-----
                From: Friese, Casey [mailto:cfriese@xxxxxxxxxxxxx] 
                Sent: Friday, February 28, 2003 3:05 PM
                To: [ISAserver.org Discussion List]
                Subject: [isalist] RE: PPTP & L2TP VPN Tunnels
                
                
                http://www.ISAserver.org
                
                
                I'm having the same issue with my production environment
using only PPTP for the tunnels.  Odd thing is that when the tunnel goes
down - both ISA's and the clients behind them can still get out on the
internet yet both ISA's report that the other's endpoint is unreachable
and event log reports that there's no answer.
                 
                I have both RRAS demand dial interfaces set to
persistant.  
                 
                I passed the problem off as a DHCP issue because at the
times the tunnel would go down I would see event logs on my dhcp servers
talking about DHCP db cleanup taking place.  I changed both tunnel
endpoints to use a static IP but the problem still occured...*shurg*
                 
                -casey

                        -----Original Message-----
                        From: Thomas W Shinder
[mailto:tshinder@xxxxxxxxxxxxxxxxxx]
                        Sent: Friday, February 28, 2003 2:58 PM
                        To: [ISAserver.org Discussion List]
                        Subject: [isalist] RE: PPTP & L2TP VPN Tunnels
                        
                        
                        http://www.ISAserver.org
                        
                        
                        Hi Glenn,
                         
                        Does the tunnel reconnect if a client behind the
ISA Server makes a request?
                         
                        Thanks!
                        Tom

                        Thomas W Shinder 
                        www.isaserver.org/shinder 
                        ISA Server and Beyond: http://tinyurl.com/1jq1 
                        Configuring ISA Server: http://tinyurl.com/1llp 

                                -----Original Message-----
                                From: Glenn Maks
[mailto:gmaks@xxxxxxxxx] 
                                Sent: Friday, February 28, 2003 1:37 PM
                                To: [ISAserver.org Discussion List]
                                Subject: [isalist] PPTP & L2TP VPN
Tunnels
                                
                                
                                http://www.ISAserver.org
                                
                                
                                Am I missing something here, I must be,
I have 2 ISA servers that I have setup for a test environment, currently
I am working with VPN tunnels, both PPTP and L2TP, my problem is this,
after establishing a tunnel, either PPTP or L2TP after short period of
time the tunnel disconnects and no mater what I do I can not reestablish
the link. Both of these ISA servers were built as standalone integrated
web cache, firewall and proxy. I did install the Certificate service on
one of the ISA servers, keeping in mind this is only to evaluate the ISA
platform. My remote ISA server that ran Remote VPN wizard and read the
config file also requested and installed a Cert from the Cert server?
There must be a way to build either a PPTP or L2TP tunnel and have it
enabled and always connected. What am I missing here?
                                 
                                Thank you
                                  Glenn
                                 
                                 
        
------------------------------------------------------
                                List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
                                ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
                                ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
        
------------------------------------------------------
                                Exchange Server Resource Site:
http://www.msexchange.org/
                                Windows Security Resource Site:
http://www.windowsecurity.com/
                                Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
        
------------------------------------------------------
                                You are currently subscribed to this
ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx
                                To unsubscribe send a blank email to
$subst('Email.Unsub') 

        
------------------------------------------------------
                        List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
                        ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
                        ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
        
------------------------------------------------------
                        Exchange Server Resource Site:
http://www.msexchange.org/
                        Windows Security Resource Site:
http://www.windowsecurity.com/
                        Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
        
------------------------------------------------------
                        You are currently subscribed to this
ISAserver.org Discussion List as: cfriese@xxxxxxxxxxxxx
                        To unsubscribe send a blank email to
$subst('Email.Unsub') 

                ------------------------------------------------------
                List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
                ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
                ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
                ------------------------------------------------------
                Exchange Server Resource Site:
http://www.msexchange.org/
                Windows Security Resource Site:
http://www.windowsecurity.com/
                Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
                ------------------------------------------------------
                You are currently subscribed to this ISAserver.org
Discussion List as: gmaks@xxxxxxxxx
                To unsubscribe send a blank email to
$subst('Email.Unsub') 

        ------------------------------------------------------
        List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
        ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
        ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
        ------------------------------------------------------
        Exchange Server Resource Site: http://www.msexchange.org/
        Windows Security Resource Site: http://www.windowsecurity.com/
        Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
        ------------------------------------------------------
        You are currently subscribed to this ISAserver.org Discussion
List as: tshinder@xxxxxxxxxxxxxxxxxx
        To unsubscribe send a blank email to
$subst('Email.Unsub') 

• » PPTP & L2TP VPN Tunnels
• » RE: PPTP & L2TP VPN Tunnels
• » RE: PPTP & L2TP VPN Tunnels
• » RE: PPTP & L2TP VPN Tunnels
• » RE: PPTP & L2TP VPN Tunnels
• » RE: PPTP & L2TP VPN Tunnels
• » RE: PPTP & L2TP VPN Tunnels
• » RE: PPTP & L2TP VPN Tunnels
• » RE: PPTP & L2TP VPN Tunnels
• » RE: PPTP & L2TP VPN Tunnels
• » RE: PPTP & L2TP VPN Tunnels

• » Related posts
• » Previous by Date
• » Next by Date
• » This Month's Archive
• » Main Archive Page

• » View list details
• » Manage your subscription