RE: PPTP & L2TP VPN Tunnels
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Sun, 2 Mar 2003 20:03:14 -0600
Hi Glenn,
Only one side should dial up. That's what I mean about needing to update
the article. If you already understand demand dial interfaces, you
should be able to do this without problem. If not, then stay tuned for
the update. But you might be better off by setting only the remote side
as permanent and only the remote side should redial on link failure.
Thanks!
Tom
Thomas W Shinder
www.isaserver.org/shinder
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp
-----Original Message-----
From: Glenn Maks [mailto:gmaks@xxxxxxxxx]
Sent: Friday, February 28, 2003 3:04 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: PPTP & L2TP VPN Tunnels
http://www.ISAserver.org
Answering Tom's question, No, the tunnel does not enable when a
client behind the ISA server makes a request. Casey, I have been reading
about the requirement of a Certificate server when building VPN tunnels
with ISA. I have installed the Cert service on one of the ISA servers
and issued a Cert to the Remote ISA server, still the tunnel dies on me,
the setting is also set to persistent? I don't think that DHCP would
cause this type of issue, it seems to be more of a authentication and
validation problem?
-----Original Message-----
From: Friese, Casey [mailto:cfriese@xxxxxxxxxxxxx]
Sent: Friday, February 28, 2003 3:05 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: PPTP & L2TP VPN Tunnels
http://www.ISAserver.org
I'm having the same issue with my production environment
using only PPTP for the tunnels. Odd thing is that when the tunnel goes
down - both ISA's and the clients behind them can still get out on the
internet yet both ISA's report that the other's endpoint is unreachable
and event log reports that there's no answer.
I have both RRAS demand dial interfaces set to
persistant.
I passed the problem off as a DHCP issue because at the
times the tunnel would go down I would see event logs on my dhcp servers
talking about DHCP db cleanup taking place. I changed both tunnel
endpoints to use a static IP but the problem still occured...*shurg*
-casey
-----Original Message-----
From: Thomas W Shinder
[mailto:tshinder@xxxxxxxxxxxxxxxxxx]
Sent: Friday, February 28, 2003 2:58 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: PPTP & L2TP VPN Tunnels
http://www.ISAserver.org
Hi Glenn,
Does the tunnel reconnect if a client behind the
ISA Server makes a request?
Thanks!
Tom
Thomas W Shinder
www.isaserver.org/shinder
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp
-----Original Message-----
From: Glenn Maks
[mailto:gmaks@xxxxxxxxx]
Sent: Friday, February 28, 2003 1:37 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] PPTP & L2TP VPN
Tunnels
http://www.ISAserver.org
Am I missing something here, I must be,
I have 2 ISA servers that I have setup for a test environment, currently
I am working with VPN tunnels, both PPTP and L2TP, my problem is this,
after establishing a tunnel, either PPTP or L2TP after short period of
time the tunnel disconnects and no mater what I do I can not reestablish
the link. Both of these ISA servers were built as standalone integrated
web cache, firewall and proxy. I did install the Certificate service on
one of the ISA servers, keeping in mind this is only to evaluate the ISA
platform. My remote ISA server that ran Remote VPN wizard and read the
config file also requested and installed a Cert from the Cert server?
There must be a way to build either a PPTP or L2TP tunnel and have it
enabled and always connected. What am I missing here?
Thank you
Glenn
------------------------------------------------------
List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site:
http://www.msexchange.org/
Windows Security Resource Site:
http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this
ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')
------------------------------------------------------
List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site:
http://www.msexchange.org/
Windows Security Resource Site:
http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this
ISAserver.org Discussion List as: cfriese@xxxxxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')
------------------------------------------------------
List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site:
http://www.msexchange.org/
Windows Security Resource Site:
http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org
Discussion List as: gmaks@xxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')
------------------------------------------------------
List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion
List as: tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')
Other related posts:
