[isalist] Re: Please help !! - ISA2004 SP2 / VPN Problems
- From: "Paul Crisp" <pcrisp@xxxxxxxxxxxxxxxxx>
- To: <isalist@xxxxxxxxxxxxx>
- Date: Mon, 6 Nov 2006 22:07:45 -0000
Please help !! - ISA2004 SP2 / VPN Problemsok Tom,
I've been very motivated all day trying to find something and have found
nothing, can you give me some more clues oh great master....
Thanks
Paul
----- Original Message -----
From: Paul Crisp
To: isalist@xxxxxxxxxxxxx
Sent: Monday, November 06, 2006 1:37 PM
Subject: [isalist] Re: Please help !! - ISA2004 SP2 / VPN Problems
I'm motivated alright, just want this problem out the way !
Do you mean the ISA 2004 VPN Deployment Kit rather than the ISA 2000???
Ps
Thanks for the quick response
Paul Crisp
Snr Network Support Analyst
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On
Behalf Of Thomas W Shinder
Sent: 06 November 2006 13:32
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Please help !! - ISA2004 SP2 / VPN Problems
DDNS of the ISA Firewall's RAS interface in your internal DNS.
Worked out in the ISA 2000 VPN Deployment Kit and other articles on the
ISAserver.org site years ago :)
I don't recall the exact location, but if you're motivated, you'll find 'em.
Tom
Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
MVP -- Microsoft Firewalls (ISA)
----------------------------------------------------------------------------
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On
Behalf Of Paul Crisp
Sent: Monday, November 06, 2006 7:27 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Please help !! - ISA2004 SP2 / VPN Problems
Hi all,
I really need your help on this as my brain will explode soon...
Background:
Originally we were running ISA2004 SP1 on Windows 2000 box and had remote
workers VPN into the system without a problem and gaining access to the local
network the ISA box was connected to and also some other networks within our
LAN.
I had to setup a new ISA box, because I wanted a faster process, more
memory and more disk space. I setup the new box ISA2004 SP2 on Windows 2003 SP1
and the configuration is exactly the same as the previous ISA box.
Everything was working fine, internal clients can browse the internet,
email is coming into via the ISA box no problem and published web servers are
working as well.
The only problem I have is some (not all) VPN clients, connect to the ISA
box successfully but they cannot access any internal resources. The flip side
to this, is that when these people connect the internal clients lose access to
the ISA internal network interface (you cannot ping or anything). As soon as
the VPN client disconnects, the internal people get ping response and can then
obviously use the internet as before?
I have looked on the isaserver.org forum and tried something's but all to
no avail. Can anyone give me any pointers to where I should be looking, as some
remote people VPN without a problem and access internal resources without a
problem???
Network information:
ISA Box - 2 network interfaces (1x external, 1x internal)
RRAS - Setup for DHCP and to use same range of IP addresses as internal
interface
VPN network rule setup for Route not NAT
VPN access rule setup for all outbound protocols and access from external
to internal
Client information:
Have got the client to try in split-tunnel mode as well as non-split tunnel
mode... same results
Please please help me J
Paul Crisp
Snr Network Support Analyst
Other related posts:
