Re: Site to Site VPN Connection Using L2TP/IPSec by Pre-shared Key
- From: "Steve Moffat" <steve@xxxxxxxxxx>
- To: "ISA Mailing List" <isalist@xxxxxxxxxxxxx>
- Date: Sat, 2 Apr 2005 14:08:04 -0400
Well, see if you can get a hold of a comtrend ct-561. This is the main
ADSL modem / router in use here in Bermuda, and I do not have any issues
with loading at all.
S
-----Original Message-----
From: Roy Tsao [mailto:roy_tsao@xxxxxxxxxxxx]
Sent: Saturday, April 02, 2005 1:21 PM
To: ISA Mailing List
Subject: [isalist] Re: Site to Site VPN Connection Using L2TP/IPSec by
Pre-shared Key
http://www.ISAserver.org
I already throw away a ADSL in front of ISA because of low capacity for
High load of internet access, it is not a good suggestion to have Front
route PPOE connection!
-----Original Message-----
From: Steve Moffat [mailto:steve@xxxxxxxxxx]
Sent: Sunday, April 03, 2005 12:47 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Site to Site VPN Connection Using L2TP/IPSec by
Pre-shared Key
http://www.ISAserver.org
Yup
Get an ADSL router and put it in front of ISA , use that for your ppoe
connection.
S
-----Original Message-----
From: Roy Tsao [mailto:roy_tsao@xxxxxxxxxxxx]
Sent: Saturday, April 02, 2005 12:45 PM
To: ISA Mailing List
Subject: [isalist] Re: Site to Site VPN Connection Using L2TP/IPSec by
Pre-shared Key
http://www.ISAserver.org
Dear Shinder-Sama,
I got your point. Finally, I could be aware why I can't creat site to
site VPN by either pre-shared key or certificate, and problem comes from
one end's ISA2K4 Wan connection is through ADSL by PPOE (Dial-up). When
I check the event log at this ISA2K4 Box, it indicateds that PPoe-4 port
can't be opened, it has been opened up already, I presume that's the
reason why VPN port under Routing and Remote Access are all closed and
can't accept any in/out call.
There is some article saying site to site L2TP VPN connection even both
ends are ADSL connection, while the writter shows a sample procress
under virtual server enviornments, that is not exact site to site VPN
through ADSL connection.
For your reference, the NIC connected to ADSL modem is disabled even
TCP/IP setting, and only PPOE works for dial-up.
I can create a L2TP VPN client inside Lan and connect to remote site of
ISK2K4 VPN server. When I tried to mannual activate VPN connection under
route and remote access service at ISA2K4 server, the IPSec SA is
esbalished, and no answer from remote side after 40 seconds, this means
L2TP can't find his own session!
Anybody here have any solution for this????!!!!!!
Hi Roy,
I thought it was Shinder-san? I get confused about those things :)
Anyhow, are you trying to implement an L2TP/IPSec site to site VPN using
a pre-shared key or computer certificates? You can't do both.
So, if you want to use a pre-shared key, don't install computer certs.
If you want to use computer certificates, then don't configure a
pre-shared key on the VPN gateway endpoints.
HTH,
Tom
www.isaserver.org/shinder
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
-----Original Message-----
From: Roy Tsao [mailto:roy_tsao@xxxxxxxxxxxx]
Sent: Thursday, March 31, 2005 10:08 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Site to Site VPN Connection Using L2TP/IPSec by
Pre-shared Key
http://www.ISAserver.org
Dear Tom-san,
Can I have your any kind suggestion!
Thanks,
Roy Tsao
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List
as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List
as:
isalist@xxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
The haggis is unusual in that it is neither consistently nocturnal nor
diurnal, but instead is active at dawn and dusk (crepuscular), with
occasional forays forth during the day and night.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax
Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List
as: roy_tsao@xxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
isalist@xxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
