Welcome to ISAserver.org

L2TP/IPSEC VPN ISA not logging requests

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [ISA 2006 Firewall] >> VPN >> L2TP/IPSEC VPN ISA not logging requests

Page: [1]

Message

<< Older Topic Newer Topic >>

L2TP/IPSEC VPN ISA not logging requests - 2.May2008 7:15:23 AM

intersimi

Posts: 33
Joined: 12.May2007
Status: offline

Hi all,

I am having a problem establishing a VPN session. I have a single ISA server in an array (servers to be added later). L2TP/IPSEC is configured to use Pre-Shared Keys (at the moment to simplify).

I had the solution working a couple of days ago using Radius authentication via RSA server. When I tested on another machine (I had to give back initial client machine) it failed. I have tried on a few different machines and it failed. Now I have gone back to simplify the setup once more. I have removed the Radius authentication (ISA on domain). The simple setup is:-

ISA issues IP addresses
Access networks is External
Authentication is PAP and preshared key
No Radius checked
Domain Users remote access allowed
My account had 'Dial-in' permissions
User mappings for domain is correct
Protocol is L2TP/IPSEC

The weird thing is, that if I monitor ISA via live logging and attempt to connect, sometimes, I see ports 500 and 4500 as successful connections. Other times I see nothing, as if my client does not even reach the destination.
Using Wireshark and monitoring the external interface, I am able to see lots of 500 and 4500 traffic, but non of it is logged within ISA. Why is that?

_____________________________

regards,

Intersimi

Post #: 1

Featured Links*

RE: L2TP/IPSEC VPN ISA not logging requests - 2.May2008 7:47:47 AM

intersimi

Posts: 33
Joined: 12.May2007
Status: offline

Looking through the Security log, I see event ID 547

IKE security association negotiation failed

Failure point: Me
Failure reason: negotiation timed out

(in reply to intersimi)

Post #: 2