http://www.ISAserver.org -------------------------------------------------------
and can you please check the routing table on the RRAS server in the remote network that it route from internal lan to VPN connection???
From: "Daniel" <daniel@xxxxxxxxxxxxxxxx>
Reply-To: isalist@xxxxxxxxxxxxx
To: "ISAServerList" <isalist@xxxxxxxxxxxxx>
Subject: [isalist] vpn demand dial gw-to-gw routing problem
Date: Sat, 24 Jun 2006 01:56:14 -0300
>http://www.ISAserver.org
>-------------------------------------------------------
>
>Hi have the same routing problem with all my vpns (I'm using PPTP vpns), seems be a MS RRAS specific problem.
>
>I have 5 dd persistent vpns on My headquarter isa server 2000/w2k, who dials to remote w2k-RRAS servers on
>partners networks. To route between the vpn subnets I have static routes trough the correspondent vpn dd iface
>in each RRAS and on my headquarter ISA/RRAS snap-in.
>
>In headquarter my ISA is the default gateway, but on the remote networks the LAN default gateway is generaly a
>cisco router or other router, not the w2k-RRAS with the vpn dd iface. To have a correct routing plan I need
>only create a route on this non-MS gateways to my headquarter vpn subnet trough the w2k-RRAS LAN iface (who
>have the dd vpn iface), but the routing don't work.
>
>To solve the problem I need to create a local route entry (the same route I have on the LAN non-MS default
>gateway) on each windows station on the remote LAN, so I have access to this machine trough vpn, this prove
>that the routing plan is correct.
>
>The problem seems be that default remote LAN gateway is a non-MS box, but in TCP/IP routing concepts this have
>no sens. Seems that packets routed trough a non-MS box are rejected by the w2K-RRAS server (who have the dd
>vpn iface) if they are destinated to the vpn.
>
>Someone can help me?
>
>thanks,
>
>Daniel
>
>
>
>------------------------------------------------------
>List Archives: //www.freelists.org/archives/isalist/
>ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
>ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
>ISA Server Blogs: http://blogs.isaserver.org/
>------------------------------------------------------
>Visit TechGenix.com for more information about our other sites:
>http://www.techgenix.com
>------------------------------------------------------
>To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
>Report abuse to listadmin@xxxxxxxxxxxxx
>