[isalist] Re: GRE routing - Internal<->internal

• From: "Crockett, Gregory" <Gregory.Crockett@xxxxxxxxx>
• To: <isalist@xxxxxxxxxxxxx>
• Date: Mon, 12 Jun 2006 18:28:28 -0500

The test machine is an Aruba thin  AP.  The closes variable of a
computer name is a location code - it is unique.   Just is case, I
changed the code - same result.  No, the test machine is not connected
to both networks simultaneously - it is connected to a Static VLAN port
on a Cisco 2950.  Now, the wireless switch port is trunked with 802.1q.
It, too, is connected to the same Cisco.

 

 

 

________________________________

From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of Jim Harrison
Sent: Monday, June 12, 2006 4:59 PM
To: isalist@xxxxxxxxxxxxx
Subject: RE: [isalist] Re: GRE routing - Internal<->internal

 

That Failure code resolves to:

"You were not connected because a duplicate name exists on the network.
Go to System in Control Panel to change the computer name and try
again.".

 

This test machine isn't connected to both networks simultaneously, is
it?

 

________________________________

From: isalist-bounce@xxxxxxxxxxxxx on behalf of Crockett, Gregory
Sent: Mon 6/12/2006 12:48 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: GRE routing - Internal<->internal

Jim,

Thanx

 

Here the log.  I will send the ISAInfo directly to you.

 

TIA

 

Greg

Server Name

Log Record Type

Log Time

Result Code

Source Port

Destination IP

Destination Port

Protocol

Action

Rule

Client IP

Source Network

Destination Network

Transport

ROXY

Firewall

2:16:27 PM

0x80074e20 

1025

192.168.252.2

514

514 udp

Closed Connection

Wireless AP - Internal - Wireless

192.168.113.41

Internal

Wireless

UDP

ROXY

Firewall

2:16:27 PM

0x80074e20 

8211

192.168.252.2

8211

8211

Closed Connection

Wireless AP - Internal - Wireless

192.168.113.41

Internal

Wireless

UDP

ROXY

Firewall

2:16:30 PM

0x80074e20 

0

192.168.252.2

0

GRE - IP:47

Closed Connection

Wireless AP - Internal - Wireless

192.168.113.41

Internal

Wireless

GRE

ROXY

Firewall

2:16:45 PM

0x0 

1024

192.168.252.2

123

NTP (UDP)

Initiated Connection

Wireless AP - Internal - Wireless

192.168.113.41

Internal

Wireless

UDP

ROXY

Firewall

2:16:47 PM

0x0 

1025

192.168.252.2

514

514 udp

Initiated Connection

Wireless AP - Internal - Wireless

192.168.113.41

Internal

Wireless

UDP

ROXY

Firewall

2:16:47 PM

0x0 

8211

192.168.252.2

8211

8211

Initiated Connection

Wireless AP - Internal - Wireless

192.168.113.41

Internal

Wireless

UDP

ROXY

Firewall

2:16:49 PM

0x0 

0

192.168.252.2

0

GRE - IP:47

Initiated Connection

Wireless AP - Internal - Wireless

192.168.113.41

Internal

Wireless

GRE

ROXY

Firewall

2:16:49 PM

0x80070034 

0

192.168.252.2

0

GRE - IP:47

Failed Connection Attempt

Wireless AP - Internal - Wireless

192.168.113.41

Internal

Wireless

GRE

 

 

________________________________

From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of Jim Harrison
Sent: Monday, June 12, 2006 1:54 PM
To: isalist@xxxxxxxxxxxxx
Subject: RE: [isalist] Re: GRE routing - Internal<->internal

 

Please copy the relevant log entries in your response; we can't solve
this with piece-at-a-time information.

You can also send me your ISAInfo and I can evaluate it against your
stated objectives...

 

________________________________

From: isalist-bounce@xxxxxxxxxxxxx on behalf of Crockett, Gregory
Sent: Mon 6/12/2006 5:48 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: GRE routing - Internal<->internal

http://www.ISAserver.org <http://www.isaserver.org/> 
-------------------------------------------------------
 
Jim,
The state of the connection is "Failed Connection Attempt".  The AP has
IPSec capability.  Should I configure with IPSec, the connection is
allowed, and all is well.  Does this not prove that routing exist
between the ap and wireless switch?  The IPSec configuration cost about
$250 for each AP that connects using IPSec.  GRE is a must. 

TIA

greg

-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of Jim Harrison
Sent: Thursday, June 08, 2006 4:11 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: GRE routing - Internal<->internal

http://www.ISAserver.org <http://www.isaserver.org/> 
-------------------------------------------------------
 
Does the switch have a route to the wireless device through ISA?
What else do the logs show besides "port 0" (there is no port for GRE)?
IOW, what is the state of the connection?

-------------------------------------------------------
   Jim Harrison
   MCP(NT4, W2K), A+, Network+, PCG
   http://isaserver.org/Jim_Harrison/
   http://isatools.org <http://isatools.org/> 
   Read the help / books / articles!
-------------------------------------------------------


-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of Crockett, Gregory
Sent: Thursday, June 08, 2006 13:54
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: GRE routing - Internal<->internal

http://www.ISAserver.org <http://www.isaserver.org/> 
-------------------------------------------------------
 
Jim,
I created the custom protocol -- same results.  The log does show the
protocol (47) being used -- sort of.  The Source/Destinations Ports are
both 0.
On creating the protocol, "outbound" is not an option -- only "send" and
"send receive".  I tried them both.

-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of Jim Harrison
Sent: Thursday, June 08, 2006 1:01 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: GRE routing - Internal<->internal

http://www.ISAserver.org <http://www.isaserver.org/> 
-------------------------------------------------------
 
Create a custom "raw" protocol using IP protocol 47 outbound.
Use that protocol in the "allow" access rule from the device to the
switch.


-------------------------------------------------------
   Jim Harrison
   MCP(NT4, W2K), A+, Network+, PCG
   http://isaserver.org/Jim_Harrison/
   http://isatools.org <http://isatools.org/> 
   Read the help / books / articles!
-------------------------------------------------------


-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of Crockett, Gregory
Sent: Thursday, June 08, 2006 10:50
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: GRE routing - Internal<->internal

http://www.ISAserver.org <http://www.isaserver.org/> 
-------------------------------------------------------
 
Yes, ISA is set as the default route on the AP.

TIA

greg

-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of Jim Harrison
Sent: Thursday, June 08, 2006 12:25 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: GRE routing - Internal<->internal

http://www.ISAserver.org <http://www.isaserver.org/> 
-------------------------------------------------------
 
??
"on ISA"?


-------------------------------------------------------
   Jim Harrison
   MCP(NT4, W2K), A+, Network+, PCG
   http://isaserver.org/Jim_Harrison/
   http://isatools.org <http://isatools.org/> 
   Read the help / books / articles!
-------------------------------------------------------


-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of Crockett, Gregory
Sent: Thursday, June 08, 2006 10:11
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: GRE routing - Internal<->internal

http://www.ISAserver.org <http://www.isaserver.org/> 
-------------------------------------------------------
 
Yes, on ISA as the default route.

-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of Jim Harrison
Sent: Thursday, June 08, 2006 12:07 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: GRE routing - Internal<->internal

http://www.ISAserver.org <http://www.isaserver.org/> 
-------------------------------------------------------
 
GRE is not TCP:47, but IP:47.

Does the wireless device use ISA as the default route?

-------------------------------------------------------
   Jim Harrison
   MCP(NT4, W2K), A+, Network+, PCG
   http://isaserver.org/Jim_Harrison/
   http://isatools.org <http://isatools.org/> 
   Read the help / books / articles!
-------------------------------------------------------


-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of Crockett, Gregory
Sent: Thursday, June 08, 2006 09:57
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] GRE routing - Internal<->internal

Hello all,
I have a wireless device that needs to attach to a wireless switch, via
GRE, on a different subnet. Any ideas on how I can do this? I
created/allowed TCP 47 -- still no go.
TIA

greg

________________________________

Server Name      Source Port     Destination IP  Destination Port
Protocol         Action  Rule    Client IP       Source Network
Destination Network      Transport      
ISA      1024    192.168.2.1     123     NTP (UDP)       Initiated
Connection       Wireless AP - Internal - Wireless       192.168.1.41
Internal         Wireless        UDP    
ISA      0       192.168.2.1     0       Unidentified IP Traffic
Closed Connection        Internal ->internal     192.168.1.41
Internal         Wireless        GRE    
       


All mail to and from this domain is scrutinized by the Scrutinizer.


All mail to and from this domain is GFI-scanned.

------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials:
http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com <http://www.techgenix.com/> 
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx


All mail to and from this domain is scrutinized by the Scrutinizer.


------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials:
http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com <http://www.techgenix.com/> 
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx


All mail to and from this domain is GFI-scanned.

------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials:
http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com <http://www.techgenix.com/> 
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx


All mail to and from this domain is scrutinized by the Scrutinizer.


------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials:
http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com <http://www.techgenix.com/> 
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx


All mail to and from this domain is GFI-scanned.

------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials:
http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com <http://www.techgenix.com/> 
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx


All mail to and from this domain is scrutinized by the Scrutinizer.


------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials:
http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com <http://www.techgenix.com/> 
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx


All mail to and from this domain is GFI-scanned.

------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/ 
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials:
http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com <http://www.techgenix.com/> 
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx


All mail to and from this domain is scrutinized by the Scrutinizer.


------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/ 
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials:
http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com <http://www.techgenix.com/> 
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx

All mail to and from this domain is scrutinized by the Scrutinizer.


All mail to and from this domain is scrutinized by the Scrutinizer.

Other related posts:

• » [isalist] GRE routing - Internal<->internal
• » [isalist] Re: GRE routing - Internal<->internal
• » [isalist] Re: GRE routing - Internal<->internal
• » [isalist] Re: GRE routing - Internal<->internal
• » [isalist] Re: GRE routing - Internal<->internal
• » [isalist] Re: GRE routing - Internal<->internal
• » [isalist] Re: GRE routing - Internal<->internal
• » [isalist] Re: GRE routing - Internal<->internal
• » [isalist] Re: GRE routing - Internal<->internal
• » [isalist] Re: GRE routing - Internal<->internal
• » [isalist] Re: GRE routing - Internal<->internal
• » [isalist] Re: GRE routing - Internal<->internal
• » [isalist] Re: GRE routing - Internal<->internal
• » [isalist] Re: GRE routing - Internal<->internal

1. Home
2. isalist
3. Archive
4. 06-2006

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---