[isalist] Re: TMG VPN Not working on Windows Server 2008
- From: Joe Pochedley <Joe.Pochedley@xxxxxxxxxxxxxx>
- To: "isalist@xxxxxxxxxxxxx" <isalist@xxxxxxxxxxxxx>
- Date: Tue, 15 Jun 2010 09:50:36 -0400
I was able to get PPTP VPN up and running on TMG with little issue using the
info in Jim Harrison's book (and previous experience with ISA 2006/2004/2000).
I think the one quirk that I found (don't remember if it was spelled out
anywhere) was that the IP address assigned to the PPP RAS adapter on the TMG
server should not be listed as part of the Internal network within TMG. Once
VPN is configured, go into Networking > Networks tab... Open the Internal
network > Addresses tab.. Clear out whatever you have defined, and then choose
to Add Adapter and pick your internal network's adapter to have the range of
IPs to auto-populate... Whenever I do this, the PPP RAS adapter IP is always
excluded from the ranges for the Internal network.
If that doesn't help, I guess my original question to the OP is this: What do
you see in the TMG logs when a VPN client attempts to connect?
JP
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On
Behalf Of Rob Moore
Sent: Tuesday, June 15, 2010 7:49 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: TMG VPN Not working on Windows Server 2008
It (mostly) worked for me, following the steps in Jim Harrison's book,
Microsoft Forefront Threat Management Gateway (TMG) Administrator's Companion.
I say "mostly" because I was able to connect to the VPN. But the DHCP relay
didn't seem to work right. I got an IP address in the right range but some of
the other options were wrong, and I was not able to ping things on the network.
Same thing happened to me when I set it up on ISA 2006. So I'm just passing VPN
traffic through TMG to an internal VPN server (just as I did for ISA). I'm sure
it's something I'm doing wrong, but don't know just what.
Since it's working the way it is, it's not super high priority to fix it.
Besides I'm really keen to get SSTP working. Seems like a better solution than
regular VPN, since it hopefully won't be blocked (some of our users get to
hotel networks that block access to VPN traffic). Now if I can just find the
time...
Rob
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On
Behalf Of Tee Darling
Sent: Tuesday, June 15, 2010 4:26 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] TMG VPN Not working on Windows Server 2008
Has anyone been able to make VPN work at all through TMG on Windows Server 2008
R2? I followed this article from Deb Shinder to configure VPN on my network.
http://www.isaserver.org/tutorials/Checking-Out-TMG-2010-Virtual-Private-Network-Server-Part2.html
The problem is, every time I try to connect to the VPN, I receive the error :
"Error 678: The remote computer did not respond". I havd googled the error but
the troubleshooting steps that I am getting is not even helping in any way. I
tried to also follow the configuration steps in the TMG Adminstrators Companion
guide but the steps in there did not help in any way.
The articles that have worked for me before are the ones written by Tom Shinder
for VPN configuration on ISA 2004 & 2006. I tried to follow that for TMG but it
did not work either.
Any help?
Thanks,
Tee
Other related posts:
