RE: Troubleshooting Unsupported Configurations in ISA S erver 2004

  • From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Mon, 5 Dec 2005 13:11:14 -0600

ISA Server does not support customized routes. For example, if ISA Server dials 
a non-VPN connection to a remote network that is not the default gateway, this 
requires a custom route to the remote network. ISA Server 2004 overwrites 
Routing and Remote Access settings with its own settings. ISA Server creates 
and controls Point-to-Point Tunneling Protocol (PPTP) over Layer Two Tunneling 
Protocol (L2TP) interfaces, overwriting changes made in Routing and Remote 
Access. If modem connections are created in Routing and Remote Access, ISA 
Server deletes them
 
How do I get PPTP/L2TP? Sounds like an interesting protocol.
 
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/> 
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> 
MVP -- ISA Firewalls
**Who is John Galt?**

 



________________________________

        From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] 
        Sent: Monday, December 05, 2005 12:59 PM
        To: [ISAserver.org Discussion List]
        Subject: [isalist] RE: Troubleshooting Unsupported Configurations in 
ISA S erver 2004
        
        
        http://www.ISAserver.org
        
        Hi Alex,
         
        I agree. Single NIC isn't really a security solution anyhow, no matter 
how you paint the lipstick on the pig. :)
         
        Thomas W Shinder, M.D.
        Site: www.isaserver.org <http://www.isaserver.org/> 
        Blog: http://spaces.msn.com/members/drisa/
        Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> 
        MVP -- ISA Firewalls
        **Who is John Galt?**

         
        
        

________________________________

                From: Alexandre Gauthier [mailto:gauthiera@xxxxxxxxxxxxxxxxx] 
                Sent: Monday, December 05, 2005 12:45 PM
                To: [ISAserver.org Discussion List]
                Subject: [isalist] RE: Troubleshooting Unsupported 
Configurations in ISA S erver 2004
                
                
                http://www.ISAserver.org
                

                I love how according to this, our ISA 2004 is a complete and 
utter aberration.

                It should not even function at all :-)

                 

                Single nic, firewall clients, NT4 member server, no HTTP Proxy 
clients, application filtering for other stuff than HTTP/HTTPS...

                 

                But it works, kindof. Behaves erratically, but works. I showed 
my employer the document, he said "Okay". I just said that if it crashes down 
or does strange stuff, I couldn't be held responsible, and it was their problem.

                 

                Basically, they are using ISA to "allow internet access to 
certain people based on NT groups". I really don't know how they managed to 
achieve this configuration.

                 

                But I decided it wasn't really my problem anymore, it is not a 
critcal part of the network security anyways, else I'd get my panties in a 
bunch about it.

                
________________________________


                De : Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] 
                Envoyé : 5 décembre 2005 12:38
                À : [ISAserver.org Discussion List]
                Objet : [isalist] Troubleshooting Unsupported Configurations in 
ISA Server 2004

                 

                http://www.ISAserver.org
                
                

                They really need an RSS feed for these! I didn't see this one 
coming down the transom:

                Troubleshooting Unsupported Configurations in ISA Server 2004: 
http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/unsupportedconfigs.mspx

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 12-2005