RE: PPTP & L2TP VPN Tunnels

• From: Glenn Maks <gmaks@xxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Fri, 28 Feb 2003 16:03:51 -0500

Answering Tom's question, No, the tunnel does not enable when a client
behind the ISA server makes a request. Casey, I have been reading about the
requirement of a Certificate server when  building VPN tunnels with ISA. I
have installed the Cert service on one of the ISA servers and issued a Cert
to the Remote ISA server, still the tunnel dies on me, the setting is also
set to persistent? I don't think that DHCP would cause this type of issue,
it seems to be more of a authentication and validation problem?

-----Original Message-----
From: Friese, Casey [mailto:cfriese@xxxxxxxxxxxxx] 
Sent: Friday, February 28, 2003 3:05 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: PPTP & L2TP VPN Tunnels


http://www.ISAserver.org


I'm having the same issue with my production environment using only PPTP for
the tunnels.  Odd thing is that when the tunnel goes down - both ISA's and
the clients behind them can still get out on the internet yet both ISA's
report that the other's endpoint is unreachable and event log reports that
there's no answer.
 
I have both RRAS demand dial interfaces set to persistant.  
 
I passed the problem off as a DHCP issue because at the times the tunnel
would go down I would see event logs on my dhcp servers talking about DHCP
db cleanup taking place.  I changed both tunnel endpoints to use a static IP
but the problem still occured...*shurg*
 
-casey

-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx]
Sent: Friday, February 28, 2003 2:58 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: PPTP & L2TP VPN Tunnels


http://www.ISAserver.org


Hi Glenn,
 
Does the tunnel reconnect if a client behind the ISA Server makes a request?
 
Thanks!
Tom

Thomas W Shinder 
www.isaserver.org/shinder <http://www.isaserver.org/shinder>  
ISA Server and Beyond: http://tinyurl.com/1jq1 <http://tinyurl.com/1jq1>  
Configuring ISA Server: http://tinyurl.com/1llp <http://tinyurl.com/1llp>  

-----Original Message-----
From: Glenn Maks [mailto:gmaks@xxxxxxxxx] 
Sent: Friday, February 28, 2003 1:37 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] PPTP & L2TP VPN Tunnels


http://www.ISAserver.org


Am I missing something here, I must be, I have 2 ISA servers that I have
setup for a test environment, currently I am working with VPN tunnels, both
PPTP and L2TP, my problem is this, after establishing a tunnel, either PPTP
or L2TP after short period of time the tunnel disconnects and no mater what
I do I can not reestablish the link. Both of these ISA servers were built as
standalone integrated web cache, firewall and proxy. I did install the
Certificate service on one of the ISA servers, keeping in mind this is only
to evaluate the ISA platform. My remote ISA server that ran Remote VPN
wizard and read the config file also requested and installed a Cert from the
Cert server? There must be a way to build either a PPTP or L2TP tunnel and
have it enabled and always connected. What am I missing here?
 
Thank you
  Glenn
 
 
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub') 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
cfriese@xxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub') 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
gmaks@xxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub') 

Other related posts:

• » PPTP & L2TP VPN Tunnels
• » RE: PPTP & L2TP VPN Tunnels
• » RE: PPTP & L2TP VPN Tunnels
• » RE: PPTP & L2TP VPN Tunnels
• » RE: PPTP & L2TP VPN Tunnels
• » RE: PPTP & L2TP VPN Tunnels
• » RE: PPTP & L2TP VPN Tunnels
• » RE: PPTP & L2TP VPN Tunnels
• » RE: PPTP & L2TP VPN Tunnels
• » RE: PPTP & L2TP VPN Tunnels
• » RE: PPTP & L2TP VPN Tunnels

1. Home
2. isalist
3. Archive
4. 02-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---