But it's network must be 10.21.90.144/30. I cannot change my internal network (192.168.10.0/24) to be a /30! This VPN it's closed with a partner. My partner has a firewall-1 and his maked this VPN using a /30. At firewall-1 he adds a interface using this network, and configurei fase I to connect using his external IP (internet IP) and fase II using 10.21.90.145/30. So, the guy from Cisco VPN server and my partner (from firewall-1) told me this king of situation its commom. Any large companies ho want give access to some internal network to a vendor, to protect his network, the company estabilish these king of rules. What I don?t understain, why firewall-1, cisco, Linux with a OpenSwan and othe kind of site to site VPN can make this VPN and ISA Server 2004 cant! Thanks! Rafael Rodrigues. -----Mensagem original----- De: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] Enviada em: quarta-feira, 9 de novembro de 2005 12:26 Para: [ISAserver.org Discussion List] Assunto: [isalist] RE: CISCO IPSec VPN http://www.ISAserver.org Two different questions. One is IPSec-specific (configurable in the ISA UI). Another is a basic network routing question and one end or the other will have to change their internal structure; little guy loses. -----Original Message----- From: Tiago de Aviz [mailto:Tiago@xxxxxxxxxxxxxxx] Sent: Wednesday, November 09, 2005 3:15 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: CISCO IPSec VPN http://www.ISAserver.org Actually, he has to setup a VPN with a Cisco device using a specific IP address space for his internal network that the other endpoint provided. Example: His internal network is 192.168.10.x (configured in ISA Server's internal network object) The VPN router admin said that his network must be 10.95.10.x Phase I and Phase II must use DES/SHA1 with a 28800 sec lifetime. (No, the Cisco dude won't change it) How's he gonna configure that without having to re-address his internal network? Tiago de Aviz SoftSell - Curitiba (41) 3340-2363 www.softsell.com.br Esta mensagem, incluindo seus anexos, tem caráter confidencial e seu conteúdo é restrito ao destinatário da mensagem. Caso você tenha recebido esta mensagem por engano, queira por favor retorná-la ao destinatário e apagá-la de seus arquivos. Qualquer uso não autorizado, replicação ou disseminação desta mensagem ou parte dela é expressamente proibido. A SoftSell não é responsável pelo conteúdo ou a veracidade desta informação. >>> Jim@xxxxxxxxxxxx 8/11/2005 23:22 >>> http://www.ISAserver.org OMIGOD!! I can't believe it either!!! Can you please provide some details of this configuration? ------------------------------------------------------- Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! ------------------------------------------------------- -----Original Message----- From: Rafael Rodrigues - nTime [mailto:rafael.rodrigues@xxxxxxxxxxxx] Sent: Tuesday, November 08, 2005 16:43 To: [ISAserver.org Discussion List] Subject: [isalist] CISCO IPSec VPN http://www.ISAserver.org I'm talking with Tiago de Aviz, and I can't belive that ISA Server 2004 CANOT make a VPN to a CISCO!!! It's right TOM? JIM? Rafael Rodrigues. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tiago@xxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: rafael.rodrigues@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx