RE: RRAS and vpn

• From: Greg Mulholland <greg_mul@xxxxxxxxxxxxxxx>
• To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
• Date: Mon, 30 Jun 2003 15:31:41 +1000

have to say either RRAS or ICS... prolly RRAS since it is the only one that
would be going on a firewall you would hope....
 
Greg


  _____  

From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] 
Sent: Monday, 30 June 2003 1:42 PM
To: [ISAserver.org Discussion List]


http://www.ISAserver.org


Hi Stefaan,
 
I checked it out tonight, and you can publish the L2TP/IPSec VPN Server
using Server Publishing rules with a back to back DMZ setup with
ISA2000/Win2003 in the front and back. 
 
HOWEVER -- there is one service that must be disabled on the upstream
ISA2000/Win2003 server in order for this to work. I'll award you, (or anyone
else), 5 social credits for coming up with the name of that service in
Win2003.
 
Thanks!
Tom
 
Thomas W Shinder
 <http://www.isaserver.org/shinder> www.isaserver.org/shinder 
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server:  <http://tinyurl.com/1llp> http://tinyurl.com/1llp

 

-----Original Message-----
From: Stefaan Pouseele [mailto:stefaan.pouseele@xxxxxxx] 
Sent: Sunday, June 29, 2003 4:08 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: RRAS and vpn


http://www.ISAserver.org


Hi Greg,
 
as far a I know you can't publish a Windows 2000 VPN server because PPTP and
L2TP/IPSec uses non-TCP/UDP based protocols (IP protocol 47 and 50
respectively). However, a Windows 2003 VPN server supports L2TP/IPSec with
NAT Traversal and that feature encapsulates the ESP (IP protocol 50) packets
in a UDP packet. Therefore, the ISA server will only see UDP traffic (UDP
port 500 for the IKE and UDP port 4500 for the encapsulated ESP) and that
can be published.
 
For more info about the IPSec NAT Traversal, check out my article
http://www.isaserver.org/articles/IPSec_Passthrough.html . 
 
HTH, 
Stefaan

-----Original Message-----
From: Greg Mulholland [mailto:greg_mul@xxxxxxxxxxxxxxx]
Sent: zondag 29 juni 2003 13:43
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: RRAS and vpn


http://www.ISAserver.org



I think I found the answer. ISA does not support gre passing.

 

Ironically it was in "GG" and most of the worthy posts I read were from one
Thomas Shinder and one Jim Harrison. You guys rock!

 

 

Greg Mulholland

Tech Services Manager

Harvey Norman

+613 98019333

greg_mul@xxxxxxxxxxxxxxx

 


  _____  


From: Greg Mulholland [mailto:greg_mul@xxxxxxxxxxxxxxx] 
Sent: Sunday, June 29, 2003 9:20 PM
To: [ISAserver.org Discussion List]

 

http://www.ISAserver.org

Hi guys

 

Wonder if anyone can shed some light on the possibilities of running an rras
server for vpns behind the isa machine. This is not my flavor of choice but
I am researching a scenario in my head. I can find little material that is
relevant to my question and I suspect Tom will be able to answer it in a
flash but, if anyone else is awake and knows the limitations I would
appreciate it.

 

Thanks

 

Greg Mulholland

Tech Services Manager

Harvey Norman

+613 98019333

greg_mul@xxxxxxxxxxxxxxx

 

 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
greg_mul@xxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub') 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
stefaan.pouseele@xxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub') 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub') 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
greg_mul@xxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub') 

Other related posts:

• » RRAS and vpn
• » RE: RRAS and vpn
• » RE: RRAS and vpn
• » RE: RRAS and vpn
• » RE: RRAS and vpn
• » RE: RRAS and vpn
• » RE: RRAS and vpn
• » RE: RRAS and vpn
• » RE: RRAS and vpn
• » RE: RRAS and vpn
• » RE: RRAS and vpn
• » RE: RRAS and vpn

1. Home
2. isalist
3. Archive
4. 06-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---