ISA Server does not support customized routes. For example, if ISA Server dials a non-VPN connection to a remote network that is not the default gateway, this requires a custom route to the remote network. ISA Server 2004 overwrites Routing and Remote Access settings with its own settings. ISA Server creates and controls Point-to-Point Tunneling Protocol (PPTP) over Layer Two Tunneling Protocol (L2TP) interfaces, overwriting changes made in Routing and Remote Access. If modem connections are created in Routing and Remote Access, ISA Server deletes them How do I get PPTP/L2TP? Sounds like an interesting protocol. Thomas W Shinder, M.D. Site: www.isaserver.org <http://www.isaserver.org/> Blog: http://spaces.msn.com/members/drisa/ Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> MVP -- ISA Firewalls **Who is John Galt?** ________________________________ From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Sent: Monday, December 05, 2005 12:59 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Troubleshooting Unsupported Configurations in ISA S erver 2004 http://www.ISAserver.org Hi Alex, I agree. Single NIC isn't really a security solution anyhow, no matter how you paint the lipstick on the pig. :) Thomas W Shinder, M.D. Site: www.isaserver.org <http://www.isaserver.org/> Blog: http://spaces.msn.com/members/drisa/ Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> MVP -- ISA Firewalls **Who is John Galt?** ________________________________ From: Alexandre Gauthier [mailto:gauthiera@xxxxxxxxxxxxxxxxx] Sent: Monday, December 05, 2005 12:45 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Troubleshooting Unsupported Configurations in ISA S erver 2004 http://www.ISAserver.org I love how according to this, our ISA 2004 is a complete and utter aberration. It should not even function at all :-) Single nic, firewall clients, NT4 member server, no HTTP Proxy clients, application filtering for other stuff than HTTP/HTTPS... But it works, kindof. Behaves erratically, but works. I showed my employer the document, he said "Okay". I just said that if it crashes down or does strange stuff, I couldn't be held responsible, and it was their problem. Basically, they are using ISA to "allow internet access to certain people based on NT groups". I really don't know how they managed to achieve this configuration. But I decided it wasn't really my problem anymore, it is not a critcal part of the network security anyways, else I'd get my panties in a bunch about it. ________________________________ De : Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Envoyé : 5 décembre 2005 12:38 À : [ISAserver.org Discussion List] Objet : [isalist] Troubleshooting Unsupported Configurations in ISA Server 2004 http://www.ISAserver.org They really need an RSS feed for these! I didn't see this one coming down the transom: Troubleshooting Unsupported Configurations in ISA Server 2004: http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/unsupportedconfigs.mspx