PPTP VPN client access on ISA 2004
- From: "MW" <mark.wrightson@xxxxxxxxxxxxxxxx>
- To: isalist@xxxxxxxxxxxxx
- Date: Wed, 16 Feb 2005 05:29:45 -0700
Would like to move to ISA 2004 form ISA 2000. Busy testing / learning
(Using Toms book)
On ISA 2000 we allow L2TP and PPTP VPN client access. However we limit the
PPTP access to a small number of users where we have NAT-T issues. To make
them more secure we disable the default filters that allow PPTP access
from all external addresses . Then we ceate filters that allow PPTP access
only from the IP addresses of our PPTP users (we make the get a fixed IP
address from the ISP).
We can't seem to do the same in ISA 2004. When we allow PPTP VPN client
access the system policy allows access from all external addresses.
Doesn't seem to be any way of disabling this so we can ceate our own rule
Any ideas how I can get this to work
MW
(Am looking at certificate based EAP-TLS for PPTP access as an alternative
but have problem - will post another query)
Other related posts:
