What do you hope to gain by creating a VPN tunnel between SMTP servers? This is the hard way of dealing with dynamically-assigned IPs. Take a look at : 1. Dynamic DNS 2. the Exchange docs for setting up an ETRN scenario Also, PPTP is the only VPN that the Exchange server can use; ISA NAT doesn't handle IPSec (required for Windows L2TP). ISA can be the VPN client or server for the external SMTP server, but I see no benefit from this just to pass email. Jim Harrison [ISAQFE] Read the help, books and articles! This posting is provided "AS IS" with no warranties, and confers no rights. ----- Original Message ----- From: "Mark Hippenstiel" <m.hippenstiel@xxxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Monday, March 24, 2003 09:35 Subject: [isalist] Howto make ISA server a VPN client http://www.ISAserver.org This is a multi-part message in MIME format. -------------------------------------------------------------------------------- Hi folks, I am currently evaluating a scenario in which an Exchange Server behind ISA connects to the ISP's mail server via VPN, thus elimiating the need for a static IP address. Now I'm facing some problems of understanding which you can hopefully help me get rid of. - Do I have to make ISA or the Exchange Server the VPN client? - ISA does not support L2TP-tunneling, does it? I would rather not use PPTP, as does the provider - So, do I have to set up a static route to the ISP mail server on the ISA machine? With RAS? (btw I already tried that but the route seems to work only on ISA itself? - of course it didn't work but I wanted to see what happens :-) - Can this route point to an interface that I created with the VPN wizard of RAS? - Or is this configuration completely impossible? - And finally if it *is* possible, what kind of packet filters to I have to set within ISA? Can I use Tom's article on ISA to RAS connections as a guideline or is there some substantial difference between a gateway-to-gateway configuration and my idea of ISA being a "client" for that matter? As always, thanks for listening! Mark -------------------------------------------------------------------------------- ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')