[isalist] Re: Error establishing a VPN to the ISA server
- From: "Thor (Hammer of God)" <thor@xxxxxxxxxxxxxxx>
- To: "isalist@xxxxxxxxxxxxx" <isalist@xxxxxxxxxxxxx>
- Date: Tue, 27 Jun 2006 20:41:53 -0700
I don¹t understand... If the local Ethernet by chance uses the same logical
subnet as the corporate office, how is changing the VPN¹s assigned IP going
to make host destinations on the local subnet route down the VPN rather than
local?
t
On 6/27/06 8:34 PM, "Thomas W Shinder" <tshinder@xxxxxxxxxxx> spoketh to
all:
> How about RPC/HTTP? That gives him full Outlook functionallity without
> requireing VPN.
>
> Or use Jim suggestion -- I've used the same trick and it works a treat.
>
> HTH,
> Tom
>
> Thomas W Shinder, M.D.
> Site: www.isaserver.org <http://www.isaserver.org/>
> Blog: http://blogs.isaserver.org/shinder/
> Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7>
> MVP -- ISA Firewalls
>
>
>
>>
>>
>>
>> From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On
>> Behalf Of Glenn P. JOHNSTON
>> Sent: Tuesday, June 27, 2006 10:29 PM
>> To: isalist@xxxxxxxxxxxxx
>> Subject: RE: [isalist] Re: Error establishing a VPN to the ISA server
>>
>>
>>
>>
>> I'm told he refuses to use OWA as he can't sync his mail with the OST on his
>> notebook. There is just no helping some people, no matter how hard you try
>> to be helpful and solve their problem, they just refuse all help on
>> principle !
>>
>>
>>
>> Also they passed on to me, that in his yelling and screaming his demanding
>> to know 'Why someone did not realise this would happen, and get it fixed
>> before hand, so I can get my e-mail"
>>
>>
>>
>> I really feel sorry for the IT guy at the site, his early 20's, finished a
>> development oriented IT degree last year, is quite bright really, but is
>> still just learning the finer points of the winserver environment,
>> supporting XP etc, and it working toward his MCSE, having passed the first 2
>> exams in the last couple of months. He reports to this Director, and from
>> what I can see, gets one hell of a serve from him as soon as anything a
>> little bit odd occurs.
>>
>>
>>
>> I can't see a away around this, without the Director having to do something
>> out of the ordinary, which apparently, is just not an option, and have just
>> told them that.
>>
>>
>>
>> I've suggested the only possibly way, I can see, is to go out and purchase a
>> wireless broadband card from someone local, get it on the net, set up a
>> notebook with it and his e-mail, and get it express couriered to him. He'd
>> have it early eveing or first thing in the morning.
>>
>>
>>
>> There was a chocking sound on the other end of the phone, "but then he'd
>> have to carry 2 notebooks back ! " and "What do I do if he gets it and it
>> does not work ?" ..................................
>>
>>
>>
>> Find another job came to mind..
>>
>>
>>
>>
>> From: isalist-bounce@xxxxxxxxxxxxx on behalf of Thor (Hammer of God)
>> Sent: Wed 28/Jun/2006 12:49
>> To: isalist@xxxxxxxxxxxxx
>> Subject: [isalist] Re: Error establishing a VPN to the ISA server
>>
>>
>>
>>
>> http://www.ISAserver.org
>> -------------------------------------------------------
>>
>> Well, it would have worked other than the gw on the hotel being the same as
>> the SBS box... Bad luck there. But, I've had to do this several times for
>> the exact same scenario with my people. Seems the Marriott and I thought
>> alike in our IP schemes ;)
>>
>> You could always just add another IP address to the SBS box (well, you could
>> if it were a "regular" server install-- I don't know what you'd have to go
>> through on SBS to do that.) That would work, though.
>>
>> Not much we can do about a guy who wants to scream more than get the job
>> done, though. I'd tell him that if he wanted his email to STFU and do what
>> was needed. It's not like it is anyone's "fault." There are other options
>> you have, but they would all require him doing *something*.
>>
>> I'm assuming that OWA is not an option for some reason?
>>
>> t
>>
>>
>> On 6/27/06 7:37 PM, "Glenn P. JOHNSTON" <glenn.johnston@xxxxxxxxxxx> spoketh
>> to all:
>>
>>> > The internal IP of the SBS server is 192.168.110.2, G/W on the hotel BB
>>> > service is also 192.168.110.2 unfortunately !
>>> >
>>> > I tried the static route on my home ADSL service by changing the
>>> internal
>>> > private IP to match the Hotel's to play with, and everything else works,
>>> I can
>>> > get to the internet and other clients networks fine, but I can not get
>>> to
>>> > anything on the remote network after the tunnel is connected, of the
>>> client
>>> > with the problem.
>>> >
>>> > Putting the static route in I doubt will work anyway, the fellow will
>>> probably
>>> > just yell and scream as soon as he is asked to do anything remotely
>>> technical,
>>> > expecting it to be magically fixed from this end.
>>> >
>>> > ________________________________
>>> >
>>> > From: isalist-bounce@xxxxxxxxxxxxx on behalf of Thor (Hammer of God)
>>> > Sent: Wed 28/Jun/2006 12:27
>>> > To: isalist@xxxxxxxxxxxxx
>>> > Subject: [isalist] Re: Error establishing a VPN to the ISA server
>>> >
>>> >
>>> >
>>> > http://www.ISAserver.org
>>> > -------------------------------------------------------
>>> >
>>> > All he has to do is set a static route for the SBS box's IP to the
>>> gateway
>>> > address of the VPN endpoint.
>>> >
>>> > IOW, if the SBS box is 192.168.110.101, and his PPP VPN interface got
>>> > assigned something like 192.168.110.11 from the RRAS server (do an IP
>>> config
>>> > to see what ip his PPP adapter is, or look at the RRAS properties of the
>>> > connection) then you would have him do a:
>>> >
>>> > ROUTE -p add 192.168.110.101 mask 255.255.255.255 192.168.110.11
>>> >
>>> > That way, when he attempts to access the SBS server, the request will
>>> route
>>> > down the VPN rather than broadcasting on the "local" 192.168.110.x
>>> network.
>>> >
>>> > t
>>> >
>>> >
>>> > On 6/27/06 7:13 PM, "Glenn P. JOHNSTON" <glenn.johnston@xxxxxxxxxxx>
>>> spoketh
>>> > to all:
>>> >
>>>> >> http://www.ISAserver.org
>>>> >> -------------------------------------------------------
>>>> >>
>>>> >> Hi,
>>>> >>
>>>> >> Maybe, maybe not directly and ISA question, and I've posted this in an
>>>> SBS
>>>> >> forum as well, but you people are pretty bright & I thought you might
>>>> have
>>>> >> some worth while input on this.
>>>> >>
>>>> >> One of my clients has an issue with VPN tunnel. This has been inplace
>>>> since
>>>> >> Sunday afternoon, but they only rang me this morning.
>>>> >>
>>>> >> One of their directors is at a week long conference, and the Hotel
>>>> where he
>>>> >> is
>>>> >> staying, has provides an in room broadband service.
>>>> >> The BroadBand in the hotel is using a 192.168.110.0/24 address range,
>>>> the
>>>> >> internal address of the clients network at the office is also a
>>>> >> 192.168.110.0/24 range.
>>>> >>
>>>> >> The VPN tunnel establishes fine, and the VPN connector on his notebook
>>>> get
>>>> >> an
>>>> >> address, of course, in the 192.168.110.100 to 192.168.110.199 range of
>>>> the
>>>> >> DHCP server on the SBS server.
>>>> >>
>>>> >> Once the tunnel is established, he can acess nothing on the SBS. This
>>>> is to
>>>> >> be
>>>> >> expected as the address ranges are the same, does anyone have any
>>>> bright
>>>> >> idea's on how to get around this. The Director is yelling and screaming
>>>> about
>>>> >> not being able to get his e-mail.
>>>> >>
>>>> >> Unfortunately he is out out direct reach in another state, and has
>>>> very
>>>> >> little
>>>> >> tolerance for such problems.
>>>> >>
>>>> >> Regards
>>>> >> Glenn
>>>> >> ------------------------------------------------------
>>>> >> List Archives: //www.freelists.org/archives/isalist/
>>>> >> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
>>>> >> ISA Server Articles and Tutorials:
>>>> >> http://www.isaserver.org/articles_tutorials/
>>>> >> ISA Server Blogs: http://blogs.isaserver.org/
>>>> >> ------------------------------------------------------
>>>> >> Visit TechGenix.com for more information about our other sites:
>>>> >> http://www.techgenix.com
>>>> >> ------------------------------------------------------
>>>> >> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
>>>> >> Report abuse to listadmin@xxxxxxxxxxxxx
>>>> >>
>>>> >>
>>>> >>
>>> >
>>> >
>>> > ------------------------------------------------------
>>> > List Archives: //www.freelists.org/archives/isalist/
>>> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
>>> > ISA Server Articles and Tutorials:
>>> > http://www.isaserver.org/articles_tutorials/
>>> > ISA Server Blogs: http://blogs.isaserver.org/
>>> > ------------------------------------------------------
>>> > Visit TechGenix.com for more information about our other sites:
>>> > http://www.techgenix.com
>>> > ------------------------------------------------------
>>> > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
>>> > Report abuse to listadmin@xxxxxxxxxxxxx
>>> >
>>> >
>>> >
>>
>>
>> ------------------------------------------------------
>> List Archives: //www.freelists.org/archives/isalist/
>> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
>> ISA Server Articles and Tutorials:
>> http://www.isaserver.org/articles_tutorials/
>> ISA Server Blogs: http://blogs.isaserver.org/
>> ------------------------------------------------------
>> Visit TechGenix.com for more information about our other sites:
>> http://www.techgenix.com
>> ------------------------------------------------------
>> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
>> Report abuse to listadmin@xxxxxxxxxxxxx
>>
>
Other related posts:
