That's a whole other story... If I disable my client nothing works behind the firewall? Not sure why? I am new to this ISA thing and that definitly doesn't help. If I disable the FW service, that is the only way to make things work. you> -----Original Message----- you> From: David Elmquist [mailto:david@xxxxxxxxxx] you> Sent: Friday, November 09, 2001 2:00 AM you> To: [ISAserver.org Discussion List] you> Subject: [isalist] RE: cisco vpn dialer (IPSEC) you> you> you> http://www.ISAserver.org you> you> you> you> If you have a Firewall client installed, try to disable that, and you> connect again. you> you> David Elmquist you> you> -----Original Message----- you> From: GT [mailto:torchetti@xxxxxxxxxxxx] you> Sent: 9. november 2001 02:46 you> To: [ISAserver.org Discussion List] you> Subject: [isalist] RE: cisco vpn dialer (IPSEC) you> you> you> Well I am not getting that far. you> I get the logon screen and I enter my username/password, you> and then (last you> 3 lines after a short timeout).. you> you> Initializing the connection... you> Contacting the security gateway at 207.35.60.67... Authenticating you> user... Contacting the security gateway at 207.35.60.67... you> Negotiating you> security policies... Securing communication channel... Remote peer you> terminated connection. you> you> Isn't there a rule I can add that will allow everything? you> Anyway I've been hammering away for a while and I am just about to you> revert back to my Linux firewall?? you> you> Thanks for your help and if you have anything else to you> suggest, it will you> be greatly appreciated. you> you> you> you> -----Original Message----- you> you> From: Jeffrey M. Butte you> you> you> you> I assume you are getting a connection to your client you> you> behind ISA but it you> you> is stopping there.... Configuring your client depends on you> you> if and how it you> you> was customized. The config may be different for everyone. you> you> you> you> 1.) Configure your client to use IPSEC through NAT Mode you> you> (general tab you> you> under properties) you> you> 2.) Connect the client to the Altiga box. you> you> 3.) Right click the client in the system tray and you> select status. you> you> 4.) Note the NAT port listed. you> you> 5.) Launch the ISA management console and create two protocol you> you> definitions: you> you> you> you> Port: 500 you> you> Protocol: UDP you> you> Direction: SEND you> you> you> you> Port: <the one you noted> you> you> Protocol: UDP you> you> Direction: SEND you> you> you> you> Give that a shot. you> you> you> you> Jeff Butte you> you> mailto:jbutte@xxxxxx you> you> you> you> you> you> you> you> you> you> you> you> you> you> -----Original Message----- you> you> From: GT [mailto:torchetti@xxxxxxxxxxxx] you> you> Sent: Tuesday, November 06, 2001 7:54 PM you> you> To: [ISAserver.org Discussion List] you> you> Subject: [isalist] cisco vpn dialer (IPSEC) you> you> you> you> you> you> http://www.ISAserver.org you> you> you> you> you> you> I have a workstation needing to connect to an external vpn you> you> altiga box. you> you> Anyone have any clue as to what filter to enable you> you> port/whatever to get you> you> this you> you> working? you> you> you> you> Thanks! you> you> torchetti@xxxxxxxxxxxx you> you> you> you> ------------------------------------------------------ you> you> You are currently subscribed to this ISAserver.org you> you> Discussion List as: you> you> jbutte@xxxxxx you> you> To unsubscribe send a blank email to you> you> $subst('Email.Unsub') you> you> you> you> you> you> ------------------------------------------------------ you> you> You are currently subscribed to this ISAserver.org you> you> Discussion List as: torchetti@xxxxxxxxxxxx you> you> To unsubscribe send a blank email to you> you> $subst('Email.Unsub') you> you> ------------------------------------------------------ you> You are currently subscribed to this ISAserver.org you> Discussion List as: torchetti@xxxxxxxxxxxx you> To unsubscribe send a blank email to you> $subst('Email.Unsub')