[isalist] Re: Strange VPN Behaviour

By the way this is an ISA 2006 SP1 installation.

Yes, the VPN clients get the IP addresses from the internal DHCP server. This 
is the way we have all our ISA servers configured and they all work fine. This 
server worked fine until about a month ago.

If you are saying I have to have a separate IP range for the VPN, I will try 
that on this server as I need to get it working. But it doesn't make sense that 
all the others are working with the same setup.

Also it's strange that a few of the IP's work and others don't.

Andy



Andy Haigh
HW Systems Pty Ltd
Suite 4, Level 2,
64 Talavera Road
Macquarie Park NSW 2113


Tel: 9882-5050
Fax: 9882-5055
Mob: 0409-885-866
Email: Andy.Haigh@xxxxxxxxxxxxxxxx<mailto:Andy.Haigh@xxxxxxxxxxxxxxxx>


[cid:[email protected]]


Disclaimer: This message is intended only for the use of the person or entity 
to whom it is addressed and may contain information that is confidential and/or 
privileged. If you are not the intended recipient, you are hereby notified that 
any use, review, disclosure, dissemination, retransmission or copying of this 
information is prohibited. If you have received this message in error, please 
contact the sender and delete this message from your system immediately.
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On 
Behalf Of Jim Harrison
Sent: Saturday, 12 February 2011 1:53 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Strange VPN Behaviour

Don't do that - in fact; remove it.  Disabling spoof detection is a global 
setting.

Q - is the VPN client getting an address from the same subnet as internal users?
If so, this is essentially non-functional because the internal hosts will NOT 
use ISA as a router to respond to the VPN clients.  Also, this will be the 
cause of the spoof detection because ISA requires that the VPN network be 
different from any other network (otherwise, it's not a separate "network").


From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On 
Behalf Of Andy Haigh
Sent: Thursday, February 10, 2011 4:34 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Strange VPN Behaviour

The event log is showing the IP address as being spoofed and it's dropping the 
packets.

I have tried turning off spoof detection by adding the key 
HKLM\SYSTEM\CurrentControlSet\Services\Fweng\Parameters\DisableSpoofDetection 
and setting the value to (1) but didn't make a difference.

There is a single IP that works, which makes it very confusing.

Andy



Andy Haigh
HW Systems Pty Ltd
Suite 4, Level 2,
64 Talavera Road
Macquarie Park NSW 2113


Tel: 9882-5050
Fax: 9882-5055
Mob: 0409-885-866
Email: Andy.Haigh@xxxxxxxxxxxxxxxx<mailto:Andy.Haigh@xxxxxxxxxxxxxxxx>


[cid:[email protected]]


Disclaimer: This message is intended only for the use of the person or entity 
to whom it is addressed and may contain information that is confidential and/or 
privileged. If you are not the intended recipient, you are hereby notified that 
any use, review, disclosure, dissemination, retransmission or copying of this 
information is prohibited. If you have received this message in error, please 
contact the sender and delete this message from your system immediately.
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On 
Behalf Of Andy Haigh
Sent: Friday, 11 February 2011 10:16 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Strange VPN Behaviour

The tracert show the IP address of the Internal Network on the ISA and then 
nothing else. It seems to be that the firewall is not allowing the VPN traffic 
through for all but one of the DHCP allocated IP's.

If we get this one IP allocated upon connection all works fine.

Andy



Andy Haigh
HW Systems Pty Ltd
Suite 4, Level 2,
64 Talavera Road
Macquarie Park NSW 2113


Tel: 9882-5050
Fax: 9882-5055
Mob: 0409-885-866
Email: Andy.Haigh@xxxxxxxxxxxxxxxx<mailto:Andy.Haigh@xxxxxxxxxxxxxxxx>


[cid:[email protected]]


Disclaimer: This message is intended only for the use of the person or entity 
to whom it is addressed and may contain information that is confidential and/or 
privileged. If you are not the intended recipient, you are hereby notified that 
any use, review, disclosure, dissemination, retransmission or copying of this 
information is prohibited. If you have received this message in error, please 
contact the sender and delete this message from your system immediately.
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On 
Behalf Of Steven Comeau
Sent: Friday, 11 February 2011 8:58 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Strange VPN Behaviour

Just a thought, did you try a tracert or monitoring the remote IP(s) on the ISA 
in question?

Steve Comeau
Associate Director of IT  Rutgers Athletics
83 Rockafeller Road
Piscataway, NJ  08854
732-445-7802
732-445-4623 (fax)
www.scarletknights.com<http://www.scarletknights.com>


[cid:[email protected]]
  [cid:[email protected]]




From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On 
Behalf Of Andy Haigh
Sent: Thursday, February 10, 2011 4:40 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Strange VPN Behaviour

We have a client that has had ISA Server running happily at their site for many 
years and all of a sudden we are having issues with people VPN'ing in.

The actual connection VPN connection is working fine, the issue is they can't 
see anything beyond the ISA Server.

So we connect via VPN and are allocated an IP address from the internal DHCP 
pool all this looks fine. I can now ping the ISA Server's internal IP address 
but I can't ping any devices beyond this.

At present the VPN works perfectly for one of the IP's in the range allocated.

I have checked this against other ISA Servers we have installed and everything 
looks fine. I have removed VPN and recreated it but still the same problem.

Anyone able to shed any light on what might be the issue.

Thanks

Andy


Andy Haigh
HW Systems Pty Ltd
Suite 4, Level 2,
64 Talavera Road
Macquarie Park NSW 2113


Tel: 9882-5050
Fax: 9882-5055
Mob: 0409-885-866
Email: Andy.Haigh@xxxxxxxxxxxxxxxx<mailto:Andy.Haigh@xxxxxxxxxxxxxxxx>


[cid:[email protected]]


Disclaimer: This message is intended only for the use of the person or entity 
to whom it is addressed and may contain information that is confidential and/or 
privileged. If you are not the intended recipient, you are hereby notified that 
any use, review, disclosure, dissemination, retransmission or copying of this 
information is prohibited. If you have received this message in error, please 
contact the sender and delete this message from your system immediately.

***  This message contains confidential information and is

intended only for the individual named. If you are not the

named addressee, you should not disseminate, distribute or

copy this e-mail. Please notify the sender immediately by

e-mail if you have received this e-mail by mistake and delete

this e-mail from your system. E-mail transmission cannot be

guaranteed to be secure or error-free as information could be

intercepted, corrupted, lost, destroyed, arrive late or

incomplete, or contain viruses.  The sender therefore does not

accept liability for any errors or omissions in the contents of

this message, which arise as a result of e-mail transmission.

If verification is required please request a hard-copy version.

Rutgers University - DIA

83 Rockafeller Road

Piscataway, NJ 08854

www.scarletknights.com<http://www.scarletknights.com> ***


JPEG image

PNG image

JPEG image

JPEG image

Other related posts: