RE: A different approach

  • From: "Rob Moore" <RMoore@xxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Wed, 15 Sep 2004 14:30:38 -0400

I'll take a look at the ISA 2004 VPN deployment kit. Meanwhile, is there
a way for me to see on the ISA server if it thinks the VPN is
established? (I know how to check it on the IPCop box, and it says the
VPN is established.)
 
Thanks,
Rob

  _____  

From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] 
Sent: Wednesday, September 15, 2004 2:20 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: A different approach


http://www.ISAserver.org

Hi Rob,
 
Is the VPN link being established? If so, have you created rules on the
ISA firewall to allow traffic to the remote network and traffic from the
remote network?
 
Check out the ISA 2004 VPN deployment kit for examples of how to create
these rules.
 
HTH,
Tom

  _____  

From: Rob Moore [mailto:RMoore@xxxxxxxx] 
Sent: Wednesday, September 15, 2004 9:01 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] A different approach


http://www.ISAserver.org


Good morning-- 

I hope you aren't tired of hearing from me yet! 

Since I've been having so much trouble getting consistent communication
between my remote sites and the home office when using ISA 2004 (the
remotes and home office have site-to-site VPNs using IPCop firewalls at
either end), I've decided to take a whack at setting up site-to-site
VPNs using remote IPCops and the ISA 2004 firewall in the home office as
the endpoint.

I've set up a test IPCop box and gotten the VPN established (at least
according to IPCop the VPN is established). I followed the instructions
in Microsoft's Configuring IPSec.doc at
http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/sitetositeips
ec.mspx
<http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/sitetositeip
sec.mspx> ). Of course, there's nothing in that doc about IPCop. But I'm
not getting any traffic flow between the two sites. Any suggestions as
to where I should look for the problem? Do I need a static route on the
ISA server? (I tried setting one up but didn't know what the gateway
should be.)

Unfortunately, we can't afford 35 ISA servers for our remote sites.  :-(


Thanks, 
Rob 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
rmoore@xxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx 

Other related posts: