You want the ISA server's default gateway to be the interface TO the ISP, NOT at the other end of the VPN tunnel. You can verify that this is happening by running a "route print" at a command prompt before dialing the VPN connection, and again after. You will notice the default route (0.0.0.0 mask 0.0.0.0) changes when the VPN is connected. Clearing the checkbox as shown below will allow you to have full connection to the VPN, and route all non-local and non-VPN traffic out to the satellite link. The ISA server's routing table will be updated with routes available via VPN, but still route all non-local traffic out it's external interface I'm running this exact setup at a client using "Startband" satellite ISP from Dish Networks. Try it, You'll see.. Brad Benz MCSE(2K), CCNA, CCDA, CIPT Voice/Data Integration Engineer inTouch Solutions Boise, ID 83708 208.947.6786 bbenz@xxxxxxxxxxxxxxxxxxx -----Original Message----- From: Bogdan Florin [mailto:florinb@xxxxxxxxxxx] Sent: Tuesday, December 25, 2001 12:23 PM To: [ISAserver.org Discussion List] Subject: [isalist] Re: ISA and VPN http://www.ISAserver.org Of course it is using the default gateway because this is the way of having Internet traffic trought Satellite Provider ! If I establish the VPN "WITHOUT USING the default gateway from the remote network" than I will do traffic on usual LINE but having a VPN LINK ESTABLISHED without ANY REASON. Than strange thing it is that AFTER VPN established, (of course the default gateway are changed) ISA dosesent work for FTP download. ANY FTP sites when accesed reply with this message: ISA Server: extended error message : 200 Type set to A. 502 Illegal PORT Command Or .. I get : Timed out ! All this on Client computers. Bogdan -----Original Message----- From: "Brad Benz" <bbenz@xxxxxxxxxxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Date: Tue, 25 Dec 2001 08:28:08 -0700 Subject: [isalist] Re: ISA and VPN > http://www.ISAserver.org > > > Your VPN connection is using the default gateway of the network you are > dialing in to. To fix: > > Open the Properties for your VPN connection > Click the "Networking" tab > Select "Internet Protocol-TCP/IP", then click the "Properties" button > Click the "Advanced" Button > On the "General" tab, clear the "Use default gateway on remote network" > checkbox > > Brad Benz > MCSE(2K), CCNA, CCDA, CIPT > Voice/Data Integration Engineer > inTouch Solutions > Boise, ID 83708 > 208.947.6786 > bbenz@xxxxxxxxxxxxxxxxxxx > > -----Original Message----- > From: Bogdan Florin [mailto:florinb@xxxxxxxxxxx] > Sent: Tuesday, December 25, 2001 4:08 AM > To: [ISAserver.org Discussion List] > Subject: [isalist] Re: ISA and VPN > > > http://www.ISAserver.org > > > Out ISA server it have a Satellite Dish installed and a DVB card. > I use a VPN to stablish the link betwen ISA and Satellite Internet > Provider. After stablish the VPN with RRAS I got new DEFAULT GATEWAY on > that machine and UNABLE TO ACCES ANY FTP Sites. > > I will red your advices. > > Please advice more. > > Thank you. > Bogdan > > -----Original Message----- > From: "Mark Strangways" <strangconst@xxxxxxxxxx> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> > Date: Mon, 24 Dec 2001 08:52:09 -0500 > Subject: [isalist] Re: ISA and VPN > > > http://www.ISAserver.org > > > > > > Are you using the VPN connection for internet access ? > > There is some info about certain requirements to use the internet > thru > > a VPN > > connection, I believe these are in the "Learning Zone" of ISA server. > > You might take a look atthe doc's there, and try Microsoft's support > > web > > site as well. > > > > Regards, > > Mark > > ----- Original Message ----- > > From: "Bogdan Florin" <florinb@xxxxxxxxxxx> > > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> > > Sent: Monday, December 24, 2001 7:30 AM > > Subject: [isalist] ISA and VPN > > > > > > > http://www.ISAserver.org > > > > > > > > > I have a ISA server. Works perfectly as WEB and FTP proxy. > > > After I establish a VPN to a satellite Internet provider I'm uable > to > > > acces any FTP site. > > > > > > Anyone have som ideea ? I fight with this from long time. > > > > > > Bogdan > > > > > > > > > > > > ------------------------------------------------------ > > > You are currently subscribed to this ISAserver.org Discussion List > > as: > > strangconst@xxxxxxxxxx > > > To unsubscribe send a blank email to > > $subst('Email.Unsub') > > > > > > > > > ------------------------------------------------------ > > You are currently subscribed to this ISAserver.org Discussion List > as: > > florinb@xxxxxxxxxxx > > To unsubscribe send a blank email to > > $subst('Email.Unsub') > > > > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > bbenz@xxxxxxxxxxxxxxxxxxx > To unsubscribe send a blank email to > $subst('Email.Unsub') > > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > florinb@xxxxxxxxxxx > To unsubscribe send a blank email to > $subst('Email.Unsub') ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: bbenz@xxxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')