So I kinda got it half right. Doesn't the wizard create a gre 47 packet filter anyway. In talking pptp what else do you need to specify to get it to pass to the rras machine. Greg Mulholland Tech Services Manager Harvey Norman +613 98019333 greg_mul@xxxxxxxxxxxxxxx _____ From: Stefaan Pouseele [mailto:stefaan.pouseele@xxxxxxx] Sent: Monday, June 30, 2003 7:08 AM To: [ISAserver.org Discussion List] http://www.ISAserver.org Hi Greg, as far a I know you can't publish a Windows 2000 VPN server because PPTP and L2TP/IPSec uses non-TCP/UDP based protocols (IP protocol 47 and 50 respectively). However, a Windows 2003 VPN server supports L2TP/IPSec with NAT Traversal and that feature encapsulates the ESP (IP protocol 50) packets in a UDP packet. Therefore, the ISA server will only see UDP traffic (UDP port 500 for the IKE and UDP port 4500 for the encapsulated ESP) and that can be published. For more info about the IPSec NAT Traversal, check out my article http://www.isaserver.org/articles/IPSec_Passthrough.html . HTH, Stefaan -----Original Message----- From: Greg Mulholland [mailto:greg_mul@xxxxxxxxxxxxxxx] Sent: zondag 29 juni 2003 13:43 To: [ISAserver.org Discussion List] Subject: [isalist] RE: RRAS and vpn http://www.ISAserver.org I think I found the answer. ISA does not support gre passing. Ironically it was in "GG" and most of the worthy posts I read were from one Thomas Shinder and one Jim Harrison. You guys rock! Greg Mulholland Tech Services Manager Harvey Norman +613 98019333 greg_mul@xxxxxxxxxxxxxxx _____ From: Greg Mulholland [mailto:greg_mul@xxxxxxxxxxxxxxx] Sent: Sunday, June 29, 2003 9:20 PM To: [ISAserver.org Discussion List] http://www.ISAserver.org Hi guys Wonder if anyone can shed some light on the possibilities of running an rras server for vpns behind the isa machine. This is not my flavor of choice but I am researching a scenario in my head. I can find little material that is relevant to my question and I suspect Tom will be able to answer it in a flash but, if anyone else is awake and knows the limitations I would appreciate it. Thanks Greg Mulholland Tech Services Manager Harvey Norman +613 98019333 greg_mul@xxxxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: greg_mul@xxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: stefaan.pouseele@xxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: greg_mul@xxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')