That's why I recommend so much a solution like ISA 2004 and a cheapo VPN router that supports IPSec. Dude, it's worderful and cheaper than filling up my car at the gas station =) Tiago de Aviz SoftSell - Curitiba (41) 3340-2363 www.softsell.com.br Esta mensagem, incluindo seus anexos, tem caráter confidencial e seu conteúdo é restrito ao destinatário da mensagem. Caso você tenha recebido esta mensagem por engano, queira por favor retorná-la ao destinatário e apagá-la de seus arquivos. Qualquer uso não autorizado, replicação ou disseminação desta mensagem ou parte dela é expressamente proibido. A SoftSell não é responsável pelo conteúdo ou a veracidade desta informação. >>> mjjdejonge@xxxxxxxxxxxxxxxxxxxxxxxx 3/5/2006 12:45 >>> Hi TiagoI agree as well This could be a point of I have read before The Clients behind ISA VPN'ing against an ISA works perfect for me as well This would be a I think a linux / unix issue. One of the reasons I am looking for a different pptp solution. Hope this helps If you need some url about this pls just ask if not I would like to stay on this topic. Regards, Mario From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Thomas W Shinder Sent: Wednesday, May 03, 2006 5:26 PM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: VPN in ISA Server 2004 Hi Tiago, OK, that's definitely a problem too. :) Thomas W Shinder, M.D. Site: www.isaserver.org Blog: http://blogs.isaserver.org/shinder/ Book: http://tinyurl.com/3xqb7 MVP -- ISA Firewalls From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Tiago de Aviz Sent: Wednesday, May 03, 2006 9:36 AM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: VPN in ISA Server 2004Hm, I always had issues when more than one client behind Linux IPTABLES tries to open a PPTP tunnel against an ISA Server. Maybe I didn't express myself correctly. It's not an ISA limitation, it's an iptables limitation that can't NAT two tunnels going to the same external IP address, if both clients on the linux side are Snat'ed to the same external ip address. Clients behind ISA VPN'ing against an ISA works perfect! Tiago de Aviz SoftSell - Curitiba (41) 3340-2363 www.softsell.com.br Esta mensagem, incluindo seus anexos, tem caráter confidencial e seu conteúdo é restrito ao destinatário da mensagem. Caso você tenha recebido esta mensagem por engano, queira por favor retorná-la ao destinatário e apagá-la de seus arquivos. Qualquer uso não autorizado, replicação ou disseminação desta mensagem ou parte dela é expressamente proibido. A SoftSell não é responsável pelo conteúdo ou a veracidade desta informação. >>> tshinder@xxxxxxxxxxx 3/5/2006 10:11 >>> This is NOT a PPTP or L2TP issue, its a problem with the destination VPN endpoint. Thomas W Shinder, M.D. Site: www.isaserver.org Blog: http://blogs.isaserver.org/shinder/ Book: http://tinyurl.com/3xqb7 MVP -- ISA Firewalls From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Cristovao Sent: Wednesday, May 03, 2006 8:10 AM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: VPN in ISA Server 2004With L2TP is possible create multiple tunnels coming from the same external IP address? Tank You. From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Tiago de Aviz Sent: quarta-feira, 3 de maio de 2006 09:34 To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: VPN in ISA Server 2004 I might be mistaken, but you're probably trying to open multiple PPTP tunnels coming from the same external IP address. No go, my friend. You'll have to create a site-to-site tunnel. Tiago de Aviz SoftSell - Curitiba (41) 3340-2363 www.softsell.com.br Esta mensagem, incluindo seus anexos, tem caráter confidencial e seu conteúdo é restrito ao destinatário da mensagem. Caso você tenha recebido esta mensagem por engano, queira por favor retorná-la ao destinatário e apagá-la de seus arquivos. Qualquer uso não autorizado, replicação ou disseminação desta mensagem ou parte dela é expressamente proibido. A SoftSell não é responsável pelo conteúdo ou a veracidade desta informação. >>> cristovao@xxxxxxxxx 30/4/2006 15:31 >>> I have ISA inside network because standard in this organization is: Borders Firewalls: Checkpoint or Linux. This standard is used in all locations. I don't understand because one client work's fine.More clients work's fine, one client per location.Problem only two client in one location. Tank you. From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Andrew English Sent: domingo, 30 de abril de 2006 11:43 To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: VPN in ISA Server 2004 Why do you have ISA 2004 inside your network? Could be that your not passing all the information from your Linux box to the ISA Firewall correctly, and it could be that you don't have the VPN setup correctly on ISA 2004 Server or your client setup correctly. Andrew From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Cristovao Sent: Saturday, April 29, 2006 3:26 PM To: isalist@xxxxxxxxxxxxx Subject: [isalist] VPN in ISA Server 2004 I have this situation: Location one: 10.11.0.X; Link with dedicated IP; Firewall Linux with iptables (Slackware 10.2); Windows 2003 Server Std; Isa Server 2004 in internal network: Proxy and VPN; VPN in PPtP. External Clients: 10.12.0.X; Link ADSL; Firewall Linux with iptables (Slackware 10.2); Windows XP with SP2; 4 Workstations. Problemas: The first workstation in External Clients connect in VPN successfull; The second workstation in External Clients don't connect with error 721in authentication; If disconnect the first client the second worksation not connect; If wait just moments the second workstation connect successfull, but de first workstation not connect. Help, please.