Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Can't connect to CSS on part 3 of Site-to-Site VPN
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
Can't connect to CSS on part 3 of Site-to-Site VPN - 4.Mar.2007 7:46:34 AM
|
|
|
adx40
Posts: 3
Joined: 4.Mar.2007
Status: offline
|
Hi,
I just started to follow the article of Creating a Site to Site VPN. Everything seem ok untill
on part 3 which to install firewall service on main branch. No matter i do, still can't connect to CSS. I've change the credential to domain administartor but still can't connect. Can someone help me out?
|
|
|
|
|
RE: Can't connect to CSS on part 3 of Site-to-Site VPN - 6.Mar.2007 8:54:40 AM
|
|
|
adx40
Posts: 3
Joined: 4.Mar.2007
Status: offline
|
I did configure the DNS on the branch office network link, to point to DNS server on the main office network. And also on external public ip link (ADSL), i configure DNS to point to my isp DNS server..
The message is: "The L2TP tunnel could not established because the security negotiation time outed. Make sure..."
|
|
|
|
|
RE: Can't connect to CSS on part 3 of Site-to-Site VPN - 6.Mar.2007 11:36:13 AM
|
|
|
tshinder
Posts: 47420
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Do you see any messages regarding the VPN connection at the main office ISA Firewall?
Also, never put an external DNS server address on any of the ISA Firewall's NICs.
HTH,
Tom
_____________________________
Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/
GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8
|
|
|
|
|
RE: Can't connect to CSS on part 3 of Site-to-Site VPN - 6.Mar.2007 9:04:50 PM
|
|
|
adx40
Posts: 3
Joined: 4.Mar.2007
Status: offline
|
No, i didn't see any message.
I had removed the DNS server address from my main ISA Firewall's NIC as well as branch ISA Firewall's NIC. But still can not connect to main ISA Firewall.
Previously, the servers (CSS, main Firewall, branch Firewall) have a different name. In order to follow your article, i changed the servers name to suite the one in your article. The CSS and main Firewall are member of domain. Is there anythings else i should do?
I need the VPN connection up before monday next week. I willing to reinstall everything again.
Thanks,
Adx
|
|
|
|
|
RE: Can't connect to CSS on part 3 of Site-to-Site VPN - 7.Mar.2007 9:55:50 AM
|
|
|
tshinder
Posts: 47420
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Double check your DNS server and make sure that DDNS did not enter invalid IP addresses for the main and branch office ISA Firewall. You should disable DDNS registration for the external interface and also for the demand dial interface before establishing the VPN. I cover the demand dial interface DDNS issue in the last part of the article series.
HTH,
Tom
_____________________________
Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/
GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8
|
|
|
|
|
RE: Can't connect to CSS on part 3 of Site-to-Site VPN - 20.Mar.2007 10:00:12 AM
|
|
|
habibalby
Posts: 126
Joined: 20.May2006
From: Kingdom of Bahrain
Status: offline
|
Created a new post http://forums.isaserver.org/m_2002040972/mpage_1/key_/tm.htm#2002040972
< Message edited by habibalby -- 20.Mar.2007 11:46:10 PM >
_____________________________
For online help with ISA Server 2004 & 2006 SE or EE. Please call on +973-39228431
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
