RE: Connecting 2 Remote VPN's together - HELP!
- From: "Mike Anderson" <mike@xxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Fri, 12 Nov 2004 06:47:48 -0600
Well, after running all the VPN Wizards, etc. and after all Thomas's
articles, he said ISA Server is tightly integrated with RRAS -
I guess I don't understand your question - as ISA Server, immediately
activates and configures RRAS, the moment you create Remote Sites, or
anything VPN Related. This is the way it's always been, ever since I've
been using ISA 2000. Unless I am missing something here.
Now I am REALLY confused - you could clear that up?
Mike
-----Original Message-----
From: Steve Moffat [mailto:steve@xxxxxxxxxx]
Sent: Friday, November 12, 2004 5:21 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Connecting 2 Remote VPN's together - HELP!
http://www.ISAserver.org
Why are you using RRAS.
S
-----Original Message-----
From: Mike Anderson [mailto:mike@xxxxxxxxxxxx]
Sent: Friday, November 12, 2004 1:39 AM
To: ISA Mailing List
Subject: [isalist] Connecting 2 Remote VPN's together - HELP!
http://www.ISAserver.org
Hello All,
I am ready to shoot myself, I am so frustrated with this whole thing. I
read ALL the articles on the ISA Website, specifically written by Thomas
Shinder, and I STILL can't get this thing working. (btw, you are one
brilliant man, and I own ALL your books).
I have 2 Corporate Networks, each with it's own T-1 to the Internet,
running ISA Server 2004 as my firewall solution. I am pretty sure I
have all the filters properly setup, etc. so I need to now figure out,
if my problems are due to ISA or RRAS not being setup properly.
In the RRAS servers on each end, I have Routing Interfaces setup,
representing the remote sides of the connection. One end strictly calls
out, and the other end strictly receives the calls. To play it safe, I
created users on both servers, making sure they were identical to the
name of the Routing Interfaces I created. Well, I don't want to get
into too many details - the important thing is this:
I can get the 2 networks connected together just fine, and the link
stays up. Now, the ONLY IP addresses I can ping (and this goes for both
sides) are the primary IP's that are bound to the Internal NIC on the
opposite side. Rest assured, that I have permanent Static Routes
entered into RRAS, and the Routing Interface representing the remote
side, is the adapter that the route applies to.
What is causing me to not be able to ping anything BEYOND the ISA
Server? Again, from either the ISA Server itself, or an actual
workstation on the LAN, I am able to ping the other side of the
connection - yet the only IP's that respond, are the ones ONLY bound on
the Remote ISA Servers. It's almost as if Routing is simply not
forwarding the packets BEYOND the ISA Server - as my pings come back
"unreachable" if I try.
At this point, I am simply stumped, and not sure what to do. Any
suggestions, or troubleshooting techniques would be incredibly
appreciated. Even if I have to strip down the network, one component at
a time, until I get to the lowest common denominator - I will do what it
takes, to get the traffic routed 100% - going both ways.
Thanks for your help,
Mike
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
isalist@xxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------------------------
--------
This E-Mail is confidential. It is not intended to be read, copied,
disclosed or used by any person other than the recipient named above.
Unauthorised use, disclosure, or copying is strictly prohibited and may
be unlawful. Optimum IT Solutions Ltd disclaims any liability for any
action taken in connection of this E-Mail. The comments or statements
expressed in this E-Mail are not necessarily those of Optimum IT
Solutions Ltd or its subsidiaries or affiliates.
administrator@xxxxxxxxxx
------------------------------------------------------------------------
--------
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
mike@xxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
