[isapros] Re: VPN Issue

  • From: "Amy Babinchak" <amy@xxxxxxxxxxxxxxxxxxxxxxxxxx>
  • To: <isapros@xxxxxxxxxxxxx>
  • Date: Tue, 15 May 2007 10:46:24 -0400

There is no RAS Servers group in Active Directory and the ISA firewall
is a member of the domain.

-----Original Message-----
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx]
On Behalf Of Thomas W Shinder
Sent: Tuesday, May 15, 2007 9:36 AM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: VPN Issue

You'll need to add the ISA Firewall to the RAS servers group manually in
the Active Directory. I've seen this a few times before, although it was
quite awhile ago. Are you logged on as domain admin when you enabled the
RRAS functionality?

Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
MVP -- Microsoft Firewalls (ISA)

 

> -----Original Message-----
> From: isapros-bounce@xxxxxxxxxxxxx 
> [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Amy Babinchak
> Sent: Tuesday, May 15, 2007 8:36 AM
> To: isapros@xxxxxxxxxxxxx
> Subject: [isapros] VPN Issue
> 
> I'm enabling client VPN access. I'd like to authenticate them using an
> active directory user group. When I enable VPN Access using 
> the ISA 2006
> Wizard I get an message that "this computer cannot be added 
> to the list
> of valid remote access servers in active directory".  What is 
> it talking
> about? Is this saying that ISA can't talk to Active Directory? Looking
> at the packets it seems that ISA is attempting to 
> authenticate the users
> locally rather than through Active Directory. I see a chap challenge =
> firewall and then a chap response from the VPN client with their
> domain\username then authentication fails.
> 
> Amy
> 
> --
> ExchangeDefender Message Security: Click below to verify authenticity
> http://www.exchangedefender.com/verify.asp?id=l4FDSMmi007060&f
> rom=amy@xxxxxxxxxxxxxxxxxxxxxxxxxx
> 
> 
> 
> 


--
ExchangeDefender Message Security: Click below to verify authenticity
http://www.exchangedefender.com/verify.asp?id=l4FEciSM016455&from=amy@xxxxxxxxxxxxxxxxxxxxxxxxxx


Other related posts: