http://www.ISAserver.org ------------------------------------------------------- Good thing you started your markup with an end tag ;) NAT-T is 4500.... NAT-T aware applications sense NAT at 500 and request NAT-T at 4500 for subsequent applications. Besides, if you consider that a "smack," then you need to get out more :-p P.S. I think one of our earliest conversations was about RFC3947... Thanks for the trip down mammary lane, you tit :)))) t > -----Original Message----- > From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist- > bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison > Sent: Sunday, October 21, 2007 11:38 AM > To: isalist@xxxxxxxxxxxxx > Subject: [isalist] Re: Point to Point VPN ISA 2006 > > http://www.ISAserver.org > ------------------------------------------------------- > > </smack> > NAT-T starts at UDP-500; then moves to UDP:4500. > </smack> > > Either way, I agree that Linksys is wasted money. > DLink rules. > BTW, the WAP I recommended during BH is the DWL-8200AP. > Damn fine unit. > > -----Original Message----- > From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist- > bounce@xxxxxxxxxxxxx] On Behalf Of Thor (Hammer of God) > Sent: Sunday, October 21, 2007 1:55 PM > To: isalist@xxxxxxxxxxxxx > Subject: [isalist] Re: Point to Point VPN ISA 2006 > > http://www.ISAserver.org > ------------------------------------------------------- > > You talking smack about how PPTP doesn't use IPSEC NAT-T. And NAT-T is > 4500, not 500. But mostly how if he had the netgear box, we wouldn't > be > having this conversation :-p > > t > > > -----Original Message----- > > From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist- > > bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison > > Sent: Sunday, October 21, 2007 10:42 AM > > To: isalist@xxxxxxxxxxxxx > > Subject: [isalist] Re: Point to Point VPN ISA 2006 > > > > http://www.ISAserver.org > > ------------------------------------------------------- > > > > ..and this relates to PPTP.. how? > > :-p > > > > -----Original Message----- > > From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist- > > bounce@xxxxxxxxxxxxx] On Behalf Of Thor (Hammer of God) > > Sent: Sunday, October 21, 2007 1:15 PM > > To: isalist@xxxxxxxxxxxxx > > Subject: [isalist] Re: Point to Point VPN ISA 2006 > > > > http://www.ISAserver.org > > ------------------------------------------------------- > > > > My netgear FVX-538 has built-in IPSEC vpn capabilities. Neener > neener. > > > > t > > > > > -----Original Message----- > > > From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist- > > > bounce@xxxxxxxxxxxxx] On Behalf Of Steve Moffat > > > Sent: Sunday, October 21, 2007 8:37 AM > > > To: ISA Mailing List > > > Subject: [isalist] Re: Point to Point VPN ISA 2006 > > > > > > http://www.ISAserver.org > > > ------------------------------------------------------- > > > > > > Indeed.... > > > > > > -----Original Message----- > > > From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist- > > > bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison > > > Sent: Sunday, October 21, 2007 12:23 PM > > > To: ISA Mailing List > > > Subject: [isalist] Re: Point to Point VPN ISA 2006 > > > > > > http://www.ISAserver.org > > > ------------------------------------------------------- > > > > > > Why would I get a Linksys if it imposes such horrific design on an > > > unsuspecting user? > > > What's really interesting about that is that no sane PPTP endpoint > > will > > > use that protocol and so they're adding another layer of potential > > > breakage to the communications. > > > > > > -----Original Message----- > > > From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist- > > > bounce@xxxxxxxxxxxxx] On Behalf Of Steve Moffat > > > Sent: Sunday, October 21, 2007 7:56 AM > > > To: ISA Mailing List > > > Subject: [isalist] Re: Point to Point VPN ISA 2006 > > > > > > http://www.ISAserver.org > > > ------------------------------------------------------- > > > > > > OK Smartass...:) > > > > > > Go get a Linksys and see if you can get pptp through it "without" > udp > > > 500. They seem to use it no matter that it's ipsec. > > > > > > S > > > > > > -----Original Message----- > > > From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist- > > > bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison > > > Sent: Sunday, October 21, 2007 11:48 AM > > > To: ISA Mailing List > > > Subject: [isalist] Re: Point to Point VPN ISA 2006 > > > > > > http://www.ISAserver.org > > > ------------------------------------------------------- > > > > > > PPTP not use IPSec NAT-T, yanumptie... > > > > > > Many NAT-based devices trash otherwise functional PPTP traffic. > > > If you get a network capture of the traffic at both sides of the > > > "router", we can examineit or the common failure point (PeerID gets > > > changed somewhere along the line). > > > > > > > > > -----Original Message----- > > > From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist- > > > bounce@xxxxxxxxxxxxx] On Behalf Of Steve Moffat > > > Sent: Saturday, October 20, 2007 2:49 PM > > > To: ISA Mailing List > > > Subject: [isalist] Re: Point to Point VPN ISA 2006 > > > > > > Have you forwarded udp 500 through the Linksys?? > > > > > > > > > > > > S > > > > > > > > > > > > From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist- > > > bounce@xxxxxxxxxxxxx] On Behalf Of William Holmes > > > Sent: Saturday, October 20, 2007 6:31 PM > > > To: ISA Mailing List > > > Subject: [isalist] Point to Point VPN ISA 2006 > > > > > > > > > > > > Hello, > > > > > > > > > > > > I have a point to point VPN setup with ISA2006. This has been > working > > > just fine until my Internet Router Died. I have a new router on > order > > > but I have a question. > > > > > > > > > > > > I put a new router (one I had around) in place of my dead router. > On > > > this router (Linksys befsx41) I enabled VPN pass through. If I > plug > > a > > > laptop into the BEFSX41 directly I can start a PPTP connection and > > > connect to the remote ISA2006 server. > > > > > > > > > > > > However if I try to start the point to point PPTP connection > between > > > the Local ISA2006 server and the Remote ISA 2006 server I get the > > > following error message from the routing and remote access service: > > > > > > > > > > > > An error occurred during connection of the interface. The > connection > > > was terminated by the remote computer before it could be completed. > > For > > > further assistance click More Info or search Help and Support > Center > > > for this error number. > > > > > > > > > > > > However there is no error number. > > > > > > > > > > > > If I connect my ISA server directly to my broadband connection then > > the > > > Tunnel works fine (that is ISA to ISA without the intervening > > router). > > > Now before someone jumps to conclusions about why I have the > router, > > I > > > am on a dynamic IP address at home where I am connecting from and I > > > want ISA to always have a fixed address. In addition I have two > > > Internet connections one Cable and one DSL and the Router (Linksys > > > RV042) handles connection to both and provides failover and > bandwidth > > > aggregation. It also provides some simple packet filtering that > cuts > > > down on a lot of the BS that in on the broadbands. > > > > > > > > > > > > The VPN works fine with the RV042 but not with the older BEFSX41 > and > > I > > > would like to understand why, especially since a VPN connection to > > the > > > same remote ISA server works fine when connecting from a laptop > that > > is > > > connected to same Router. > > > > > > > > > > > > Thanks > > > > > > > > > > > > Bill > > > > > > ------------------------------------------------------ > > > List Archives: //www.freelists.org/archives/isalist/ > > > ISA Server Newsletter: > http://www.isaserver.org/pages/newsletter.asp > > > ISA Server Articles and Tutorials: > > > http://www.isaserver.org/articles_tutorials/ > > > ISA Server Blogs: http://blogs.isaserver.org/ > > > ------------------------------------------------------ > > > Visit TechGenix.com for more information about our other sites: > > > http://www.techgenix.com > > > ------------------------------------------------------ > > > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > ------------------------------------------------------ > > > List Archives: //www.freelists.org/archives/isalist/ > > > ISA Server Newsletter: > http://www.isaserver.org/pages/newsletter.asp > > > ISA Server Articles and Tutorials: > > > http://www.isaserver.org/articles_tutorials/ > > > ISA Server Blogs: http://blogs.isaserver.org/ > > > ------------------------------------------------------ > > > Visit TechGenix.com for more information about our other sites: > > > http://www.techgenix.com > > > ------------------------------------------------------ > > > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > ------------------------------------------------------ > > > List Archives: //www.freelists.org/archives/isalist/ > > > ISA Server Newsletter: > http://www.isaserver.org/pages/newsletter.asp > > > ISA Server Articles and Tutorials: > > > http://www.isaserver.org/articles_tutorials/ > > > ISA Server Blogs: http://blogs.isaserver.org/ > > > ------------------------------------------------------ > > > Visit TechGenix.com for more information about our other sites: > > > http://www.techgenix.com > > > ------------------------------------------------------ > > > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > ------------------------------------------------------ > > > List Archives: //www.freelists.org/archives/isalist/ > > > ISA Server Newsletter: > http://www.isaserver.org/pages/newsletter.asp > > > ISA Server Articles and Tutorials: > > > http://www.isaserver.org/articles_tutorials/ > > > ISA Server Blogs: http://blogs.isaserver.org/ > > > ------------------------------------------------------ > > > Visit TechGenix.com for more information about our other sites: > > > http://www.techgenix.com > > > ------------------------------------------------------ > > > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > ------------------------------------------------------ > > List Archives: //www.freelists.org/archives/isalist/ > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server Articles and Tutorials: > > http://www.isaserver.org/articles_tutorials/ > > ISA Server Blogs: http://blogs.isaserver.org/ > > ------------------------------------------------------ > > Visit TechGenix.com for more information about our other sites: > > http://www.techgenix.com > > ------------------------------------------------------ > > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > ------------------------------------------------------ > > List Archives: //www.freelists.org/archives/isalist/ > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server Articles and Tutorials: > > http://www.isaserver.org/articles_tutorials/ > > ISA Server Blogs: http://blogs.isaserver.org/ > > ------------------------------------------------------ > > Visit TechGenix.com for more information about our other sites: > > http://www.techgenix.com > > ------------------------------------------------------ > > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > > Report abuse to listadmin@xxxxxxxxxxxxx > > ------------------------------------------------------ > List Archives: //www.freelists.org/archives/isalist/ > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server Articles and Tutorials: > http://www.isaserver.org/articles_tutorials/ > ISA Server Blogs: http://blogs.isaserver.org/ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > Report abuse to listadmin@xxxxxxxxxxxxx > > ------------------------------------------------------ > List Archives: //www.freelists.org/archives/isalist/ > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server Articles and Tutorials: > http://www.isaserver.org/articles_tutorials/ > ISA Server Blogs: http://blogs.isaserver.org/ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx