[isalist] VPN Client to access additional network

  • From: Danny <nocmonkey@xxxxxxxxx>
  • To: isalist@xxxxxxxxxxxxx
  • Date: Thu, 29 Nov 2007 22:28:51 -0500

Challenge: ISA 2004 VPN client is unable to connect to additional
(172.16.0.0/16) network via LAN (192.168.0.2/24) default gateway supplied by
LAN DHCP server.

ISA Internal NIC: 192.168.0.250
ISA External NIC: 123.123.123.123 (i.e. Public IP)

Default Gateway IP on LAN: 192.168.0.2
Router IP connected to 172.16.0.0 Network: 192.168.0.3 (static route on DGW
for 172.16.0.0 network points to this router)

DHCP supplied VPN client:
IP: 192.168.0.150
Default Gateway: <same as above>

VPN client pings 172.16.0.10 IP, result is request timed out. Traceroute
times out with unlabeled (*) network hops.

VPN firewall policy permits All Outbound from VPN Clients to All Protected
Networks. I am thinking I should create a new Network definition and update
the policy and/or ensure the new network is included in the All Protected
Networks definition.

I am reviewing <http://www.isaserver.org/articles/2004netinnet.html> and
<http://blogs.technet.com/sbs/archive/2007/11/29/network-behind-a-network.aspx>,
trying to figure out what options or what would be the best practice on how
to configure ISA and/or the network to accommodate this requirement?

Thank you for your assistance.
