Welcome to ISAserver.org


CISCO 827 Configuration for ISA Server VPN

CISCO 827 Configuration for ISA Server VPN - 2.Jul.2008 7:01:44 AM   
exante

 

Hello,
I have to deploy a VPN between our branch office and our headquarters.
At the moment I have implemented two ISA Servers 2004 on WIN 2K Server SP4 (Front End and Back End firewall) as explained in Dr. Thomas Shinder's tutorial "Allowing Inbound L2TP-IPSec NAT Traversal Connections through a Back to Back ISA Server Firewall DMZ". This is the IP configuration schema:

External Client: some IP address leased by some ISP
Router (CISCO 827): public IP address 151.10.10.11 (example)
Front End FW (Public External IP): 151.10.10.10 (example)
Front End FW (DMZ): 192.168.0.4
Back End FW (DMZ): 192.168.0.3
Back End FW (Internal): 10.1.1.16
Internal Server I want to reach (DC): 10.1.1.20


If I configure the PPTP protocol (changing the Firewall rule on the Front End FW), the VPN client (Windows XP SP3) configured through the Windows LAN Connection Manager is able to reach the Front End FW, which apparently properly passes the request IP to the Back End FW (as I can see from the Session Monitor in both ISA Servers), but after some minutes (the message is "Verifying Username and Password") the request is rejected with Error 721 (Server not responding).

If I configure L2TP (I have already implemented a CA on an internal server with IP 10.1.1.21), the client didn't reach the Front End Firewall (the message is "Trying to connect to 151.10.10.10").

After several attempts I thought that the problem is on the router. I called my router maintainer to enable the correct protocols on the router, but he asked me which protocols and which ports I want to enable.

Can someone please inform me about the correct protocols and ports I have to enable on the router to allow L2TP and PPTP, in order to let the remote clients enter the internal LAN? Is there a way to avoid any router configuration change?

If my whole request is inconsistent, can anyone please show me the correct network schema to reach the desired goal I've mentioned at the beginning of my message?

Thanks in advance for your response

Exante