RE: VPN routing Problems
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Tue, 14 Feb 2006 20:24:04 -0600
Hi Mark,
This looks like a network behind a network config to me. I prefer Route
for site to site connections, since if you wanted to NAT, you could use
publish services and not go through the hassle of a site to site VPN.
Tom
Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
-----Original Message-----
From: Mark Morgan [mailto:MMorgan@xxxxxxxxxxxxxxxxxxxxx]
Sent: Tuesday, February 14, 2006 5:35 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: VPN routing Problems
http://www.ISAserver.org
I Don't know why but it's working again (which is not to comforting),
killed all network rules and rebuilt them and it all came back up. The
strange thing is I can get everything working except 9100 with nat
relationship, or I can get 9100 and nothing else working with route
relationship??? Any ideas on that one???
Thanks
Mark
-----Original Message-----
From: Mark Morgan [mailto:MMorgan@xxxxxxxxxxxxxxxxxxxxx]
Sent: Tuesday, February 14, 2006 2:19 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: VPN routing Problems
http://www.ISAserver.org
Yes I did a 'route add -p' it was working great for months up until
today, I change the network rule to route to test port 9100 denials,
port 9100 traffic started working but all other traffic stopped working,
then changed it back to nat. I cannot ping the remote network from the
VPN but I can ping it from the local isa box and the local LAN????
-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
Sent: Tuesday, February 14, 2006 1:57 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: VPN routing Problems
http://www.ISAserver.org
Hi Mark,
Did you put a routing table entry on the ISA firewall with a route to
the remote site 2 gateway?
HTH,
Tom
Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
-----Original Message-----
From: Mark Morgan [mailto:mmorgan@xxxxxxxxxxxxxxxxxxxxx]
Sent: Tuesday, February 14, 2006 3:42 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] VPN routing Problems
http://www.ISAserver.org
Hello All,
I am having some issues with my vpn traffic, My vpn tunnel is up traffic
is flowing to my internal subnet, but i have a second tunnel on an
instagate vpn device, trafic from tunnel 1 on the isa was routing to the
instagate through the second tunnel to a remote site, today it stopped i
can ping the remote site through the instagate from isa local, but
through the isa vpn i cannot ping or access any machines on the
instagate vpn. I have a feeling it is my network rules but i have
rebuilt them and still have same problem??????
remote site 1 remote site 2
| |
| |
ISA Instagate
\ /
\ /
> >
LAN
forgive the bad ascii art.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
mmorgan@xxxxxxxxxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
--
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.1.375 / Virus Database: 267.15.8/260 - Release Date:
02/14/2006
--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.375 / Virus Database: 267.15.8/260 - Release Date:
02/14/2006
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
mmorgan@xxxxxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
--
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.1.375 / Virus Database: 267.15.8/260 - Release Date:
02/14/2006
--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.375 / Virus Database: 267.15.8/260 - Release Date:
02/14/2006
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
