RE: ISA to ISA VPN

• From: "Thomas W Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Tue, 19 Nov 2002 13:37:41 -0600

Hi Casey,

IIRC, the local VPN server belonged to the internal network domain, and
the remote VPN server was a standalone. It doesn't really matter, as you
can assign certificates to any computer and the router credentials are
stored in the local SAM of the servers. I have *not* tested it with the
VPN servers being DCs, but the procedure should be the same.

HTH,
Tom

Thomas W Shinder
www.isaserver.org/shinder 
http://tinyurl.com/1jq1
http://tinyurl.com/1llp

 
 


-----Original Message-----
From: Friese, Casey [mailto:cfriese@xxxxxxxxxxxxx] 
Sent: Tuesday, November 19, 2002 1:33 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] ISA to ISA VPN


http://www.ISAserver.org


Greetings,

I have 2 domains with AD and the whole 9 yards.  Both only have one
server - The ISA server which is the DC at each location.

I want to create a gateway-to-gateway vpn between the two sites using
L2TP/IPSec.

I'm following Tom's 2 part instructions but they appear to be geared
towards ISA being installed in a Stand-Alone configuration, not in a
domian configuration or with ISA on the DC.
I'm a bit confused with the certificate sections - ie., enterprise root
ca, stand-alone ca.
Do I need both? Just one? Which one if only one - Enterprise? If I need
both and I only have one server at each site, then what?

-Casey

List Sponsored by Aspelle
Aspelle's Microsoft-centric, Aspelle Everywhere, leverages ISA server
and the Internet to quickly and cost-effectively manage and deliver
secure, client-less access to all corporate applications (Web, Unix,
Windows and legacy systems), for all users.
More info at http://www.aspelle.com/info

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

• » ISA to ISA VPN
• » RE: ISA to ISA VPN
• » ISA to ISA VPN
• » ISA to ISA VPN
• » ISA to ISA VPN
• » RE: ISA to ISA VPN
• » RE: ISA to ISA VPN
• » RE: ISA to ISA VPN
• » RE: ISA to ISA VPN

1. Home
2. isalist
3. Archive
4. 11-2002

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---