[isalist] Re: VPN Client Connection Problem

• From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
• To: <isalist@xxxxxxxxxxxxx>
• Date: Tue, 15 Jan 2008 10:38:20 -0600

http://www.ISAserver.org
-------------------------------------------------------

Me three.

Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
MVP -- Microsoft Firewalls (ISA)

 

> -----Original Message-----
> From: isalist-bounce@xxxxxxxxxxxxx 
> [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison
> Sent: Tuesday, January 15, 2008 10:30 AM
> To: isalist@xxxxxxxxxxxxx
> Subject: [isalist] Re: VPN Client Connection Problem
> 
> http://www.ISAserver.org
> -------------------------------------------------------
>   
> So would I.
> 
> -----Original Message-----
> From: isalist-bounce@xxxxxxxxxxxxx 
> [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of D 
> PIETRUSZKA USWRN INTERLINK INFRA ASST MGR
> Sent: Tuesday, January 15, 2008 7:49 AM
> To: isalist@xxxxxxxxxxxxx
> Subject: [isalist] Re: VPN Client Connection Problem
> 
> http://www.ISAserver.org
> -------------------------------------------------------
> 
> I would like to see IAG as part of the next version of ISA server.
> 
> Regards
> Diego R. Pietruszka
> MSC (USA) - Interlink Transport Technologies
> 
> 
> -----Original Message-----
> From: isalist-bounce@xxxxxxxxxxxxx 
> [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Thomas W Shinder
> Sent: Tuesday, January 15, 2008 10:33 AM
> To: isalist@xxxxxxxxxxxxx
> Subject: [isalist] Re: VPN Client Connection Problem
> 
> http://www.ISAserver.org
> -------------------------------------------------------
> 
> L2TP/IPsec with EAP user authentication (smart card, etc) is 
> the current
> state of the art.
> 
> Thomas W Shinder, M.D.
> Site: www.isaserver.org
> Blog: http://blogs.isaserver.org/shinder/
> Book: http://tinyurl.com/3xqb7
> MVP -- Microsoft Firewalls (ISA)
> 
> 
> 
> > -----Original Message-----
> > From: isalist-bounce@xxxxxxxxxxxxx
> > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Rob Moore
> > Sent: Tuesday, January 15, 2008 9:19 AM
> > To: isalist@xxxxxxxxxxxxx
> > Subject: [isalist] Re: VPN Client Connection Problem
> >
> > http://www.ISAserver.org
> > -------------------------------------------------------
> >
> > Speaking of PPTP, we've been using it for years--sometime
> > before I came
> > along. We've just kept it going by default. I assume some
> > other protocol
> > would be safer and more secure. What would you (the list, not
> > necessarily just Jim Harrison) recommend as an upgraded protocol?
> >
> > Thanks,
> > Rob
> >
> > -----Original Message-----
> > From: isalist-bounce@xxxxxxxxxxxxx
> > [mailto:isalist-bounce@xxxxxxxxxxxxx]
> > On Behalf Of Jim Harrison
> > Sent: Tuesday, January 15, 2008 9:20 AM
> > To: isalist@xxxxxxxxxxxxx
> > Subject: [isalist] Re: VPN Client Connection Problem
> >
> > http://www.ISAserver.org
> > -------------------------------------------------------
> >
> > Yano - you did.
> > I guess I'm just getting to the point where I overlook "PPTP"
> >
> > Still; a look at the relevant log entries (start from
> > "initiate") would
> > help a lot.
> > Even better would be network captures from both sides of 
> ISA (NetMon 3
> > can do this).
> >
> > -----Original Message-----
> > From: isalist-bounce@xxxxxxxxxxxxx
> > [mailto:isalist-bounce@xxxxxxxxxxxxx]
> > On Behalf Of Rob Moore
> > Sent: Tuesday, January 15, 2008 6:02 AM
> > To: isalist@xxxxxxxxxxxxx
> > Subject: [isalist] Re: VPN Client Connection Problem
> >
> > http://www.ISAserver.org
> > -------------------------------------------------------
> >
> > I did mention in my original post that it was PPTP.
> >
> > Rob
> >
> > -----Original Message-----
> > From: isalist-bounce@xxxxxxxxxxxxx
> > [mailto:isalist-bounce@xxxxxxxxxxxxx]
> > On Behalf Of Thomas W Shinder
> > Sent: Monday, January 14, 2008 10:39 PM
> > To: isalist@xxxxxxxxxxxxx
> > Subject: [isalist] Re: VPN Client Connection Problem
> >
> > http://www.ISAserver.org
> > -------------------------------------------------------
> >
> > I'll bet a dollar it's a PPTP VPN :)
> >
> > -----Original Message-----
> > From: isalist-bounce@xxxxxxxxxxxxx
> > [mailto:isalist-bounce@xxxxxxxxxxxxx]
> > On Behalf Of Jim Harrison
> > Sent: Monday, January 14, 2008 8:07 PM
> > To: isalist@xxxxxxxxxxxxx
> > Subject: [isalist] Re: VPN Client Connection Problem
> >
> > http://www.ISAserver.org
> > -------------------------------------------------------
> >
> > Can you include a couple of the log entries that indicate
> > this traffic?
> > "VPN" is too vague; is this IPSec, PPTP, SSL-VPN..?
> >
> > -----Original Message-----
> > From: isalist-bounce@xxxxxxxxxxxxx
> > [mailto:isalist-bounce@xxxxxxxxxxxxx]
> > On Behalf Of Rob Moore
> > Sent: Monday, January 14, 2008 1:33 PM
> > To: isalist@xxxxxxxxxxxxx
> > Subject: [isalist] VPN Client Connection Problem
> >
> > Hello all-
> >
> > ISA 2006 Standard
> >
> > Windows Server 2003
> >
> > I've got an odd problem. I have a guy using a Mac trying to 
> connect to
> > my VPN server. (The VPN server is a Windows server running 
> behind the
> > ISA server. It's a PPTP VPN.) When he tries to connect, he gets this
> > error message: "The connection was terminated by the communication
> > device. Please verify your settings and try again". We've tried
> > recreating his VPN connector. We've tried connecting wired
> > and wireless
> > and from several different locations. I've also 
> successfully connected
> > to the VPN server using his account but from different 
> computers, both
> > Mac and PC.
> >
> > When I monitor my own successful connection attempt on the 
> firewall, I
> > get a single message that says the connection was initiated. When I
> > monitor his unsuccessful connection attempt, I get three
> > entries. First
> > it says the connection was initiated. Then it says the 
> connection was
> > closed. Then I get a "Denied" entry in which it appears the 
> ISA server
> > is trying to send the request to the public IP address of the VPN
> > server. The error is "0xc0040017 FWX_E_TCP_NOT_SYN_PACKET_DROPPED."
> >
> > I've tried Googling it and gotten a lot of stuff, some of it ISA
> > related, some of it not. I also looked some in the archives of this
> > list.
> >
> > Can anyone point me in the right direction?
> >
> > Thanks,
> >
> > Rob
> >
> > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> >
> > Rob Moore
> >
> > Network Manager
> >
> > 215-241-7870
> >
> > Help Desk: 800-500-AFSC
> >
> > ------------------------------------------------------
> > List Archives: //www.freelists.org/archives/isalist/
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server Articles and Tutorials:
> > http://www.isaserver.org/articles_tutorials/
> > ISA Server Blogs: http://blogs.isaserver.org/
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> >
> >
> > ------------------------------------------------------
> > List Archives: //www.freelists.org/archives/isalist/
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server Articles and Tutorials:
> > http://www.isaserver.org/articles_tutorials/
> > ISA Server Blogs: http://blogs.isaserver.org/
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> > ------------------------------------------------------
> > List Archives: //www.freelists.org/archives/isalist/
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server Articles and Tutorials:
> > http://www.isaserver.org/articles_tutorials/
> > ISA Server Blogs: http://blogs.isaserver.org/
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> >
> > ------------------------------------------------------
> > List Archives: //www.freelists.org/archives/isalist/
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server Articles and Tutorials:
> > http://www.isaserver.org/articles_tutorials/
> > ISA Server Blogs: http://blogs.isaserver.org/
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> > ------------------------------------------------------
> > List Archives: //www.freelists.org/archives/isalist/
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server Articles and Tutorials:
> > http://www.isaserver.org/articles_tutorials/
> > ISA Server Blogs: http://blogs.isaserver.org/
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> >
> >
> ------------------------------------------------------
> List Archives: //www.freelists.org/archives/isalist/
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server Articles and Tutorials: 
> http://www.isaserver.org/articles_tutorials/
> ISA Server Blogs: http://blogs.isaserver.org/
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> 
> ------------------------------------------------------
> List Archives: //www.freelists.org/archives/isalist/
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server Articles and Tutorials: 
> http://www.isaserver.org/articles_tutorials/
> ISA Server Blogs: http://blogs.isaserver.org/
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> 
> ------------------------------------------------------
> List Archives: //www.freelists.org/archives/isalist/  
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp 
> ISA Server Articles and Tutorials: 
> http://www.isaserver.org/articles_tutorials/ 
> ISA Server Blogs: http://blogs.isaserver.org/ 
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com 
> ------------------------------------------------------
> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp 
> Report abuse to listadmin@xxxxxxxxxxxxx 
> 
> 
> 
------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx

Other related posts:

• » [isalist] VPN Client Connection Problem
• » [isalist] Re: VPN Client Connection Problem
• » [isalist] Re: VPN Client Connection Problem
• » [isalist] Re: VPN Client Connection Problem
• » [isalist] Re: VPN Client Connection Problem
• » [isalist] Re: VPN Client Connection Problem
• » [isalist] Re: VPN Client Connection Problem
• » [isalist] Re: VPN Client Connection Problem
• » [isalist] Re: VPN Client Connection Problem
• » [isalist] Re: VPN Client Connection Problem
• » [isalist] Re: VPN Client Connection Problem
• » [isalist] Re: VPN Client Connection Problem
• » [isalist] Re: VPN Client Connection Problem
• » [isalist] Re: VPN Client Connection Problem
• » [isalist] Re: VPN Client Connection Problem
• » [isalist] Re: VPN Client Connection Problem
• » [isalist] Re: VPN Client Connection Problem
• » [isalist] Re: VPN Client Connection Problem
• » [isalist] Re: VPN Client Connection Problem
• » [isalist] Re: VPN Client Connection Problem
• » [isalist] Re: VPN Client Connection Problem
• » [isalist] Re: VPN Client Connection Problem
• » [isalist] Re: VPN Client Connection Problem

1. Home
2. isalist
3. Archive
4. 01-2008

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---