Well, after running all the VPN Wizards, etc. and after all Thomas's articles, he said ISA Server is tightly integrated with RRAS - I guess I don't understand your question - as ISA Server, immediately activates and configures RRAS, the moment you create Remote Sites, or anything VPN Related. This is the way it's always been, ever since I've been using ISA 2000. Unless I am missing something here. Now I am REALLY confused - you could clear that up? Mike -----Original Message----- From: Steve Moffat [mailto:steve@xxxxxxxxxx] Sent: Friday, November 12, 2004 5:21 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Connecting 2 Remote VPN's together - HELP! http://www.ISAserver.org Why are you using RRAS. S -----Original Message----- From: Mike Anderson [mailto:mike@xxxxxxxxxxxx] Sent: Friday, November 12, 2004 1:39 AM To: ISA Mailing List Subject: [isalist] Connecting 2 Remote VPN's together - HELP! http://www.ISAserver.org Hello All, I am ready to shoot myself, I am so frustrated with this whole thing. I read ALL the articles on the ISA Website, specifically written by Thomas Shinder, and I STILL can't get this thing working. (btw, you are one brilliant man, and I own ALL your books). I have 2 Corporate Networks, each with it's own T-1 to the Internet, running ISA Server 2004 as my firewall solution. I am pretty sure I have all the filters properly setup, etc. so I need to now figure out, if my problems are due to ISA or RRAS not being setup properly. In the RRAS servers on each end, I have Routing Interfaces setup, representing the remote sides of the connection. One end strictly calls out, and the other end strictly receives the calls. To play it safe, I created users on both servers, making sure they were identical to the name of the Routing Interfaces I created. Well, I don't want to get into too many details - the important thing is this: I can get the 2 networks connected together just fine, and the link stays up. Now, the ONLY IP addresses I can ping (and this goes for both sides) are the primary IP's that are bound to the Internal NIC on the opposite side. Rest assured, that I have permanent Static Routes entered into RRAS, and the Routing Interface representing the remote side, is the adapter that the route applies to. What is causing me to not be able to ping anything BEYOND the ISA Server? Again, from either the ISA Server itself, or an actual workstation on the LAN, I am able to ping the other side of the connection - yet the only IP's that respond, are the ones ONLY bound on the Remote ISA Servers. It's almost as if Routing is simply not forwarding the packets BEYOND the ISA Server - as my pings come back "unreachable" if I try. At this point, I am simply stumped, and not sure what to do. Any suggestions, or troubleshooting techniques would be incredibly appreciated. Even if I have to strip down the network, one component at a time, until I get to the lowest common denominator - I will do what it takes, to get the traffic routed 100% - going both ways. Thanks for your help, Mike ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: isalist@xxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------------------------ -------- This E-Mail is confidential. It is not intended to be read, copied, disclosed or used by any person other than the recipient named above. Unauthorised use, disclosure, or copying is strictly prohibited and may be unlawful. Optimum IT Solutions Ltd disclaims any liability for any action taken in connection of this E-Mail. The comments or statements expressed in this E-Mail are not necessarily those of Optimum IT Solutions Ltd or its subsidiaries or affiliates. administrator@xxxxxxxxxx ------------------------------------------------------------------------ -------- ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: mike@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx