Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Outgoing PPTP
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
Outgoing PPTP - 20.Sep.2006 11:59:32 PM
|
|
|
jconley
Posts: 5
Joined: 20.Sep.2006
Status: offline
|
I'm trying to configure our ISA Server to allow outgoing PPTP tunnels but I can't seem to get it to work. The VPN client keeps spitting back error 619. The ISA Server is a VPN terminator for incoming connections and that side of things works great. Any thoughts? I've looked through every dialog I could find, but so far no magic "allow PPTP pass through" setting has been found.
|
|
|
|
RE: Outgoing PPTP - 21.Sep.2006 12:00:53 AM
|
|
|
jconley
Posts: 5
Joined: 20.Sep.2006
Status: offline
|
I should point out that the obvious setting up of an Allow policy for outgoing PPTP across the appropriate networks has been done. Also, we do not run the firewall client at all, these are all anonymous NAT users.
|
|
|
|
|
RE: Outgoing PPTP - 21.Sep.2006 5:42:44 PM
|
|
|
alans
Posts: 67
Joined: 8.Mar.2006
Status: offline
|
Need more information.
Do you have a direct line out from the ISA or are is it going through an router. The problem might be the router doesn't support GRE that is required for VPN.
If isa as direct access to the internet there shouldn't be a problem
Regards,
Alans
|
|
|
|
|
RE: Outgoing PPTP - 21.Sep.2006 7:08:18 PM
|
|
|
jconley
Posts: 5
Joined: 20.Sep.2006
Status: offline
|
The ISA Server has two NIC's. One is internal, one is external. The external NIC has our 5 external static internet routeable IP's and is connected directly into a Netopia DSL modem/bridge/gateway. VPN does work through this device and if I unplug the ISA server and plug back in our old gateway (Linux based system) it works fine. I'm sure I'm just missing some configuration somewhere in the ISA machine. Like I said earlier it does work for terminating incoming PPTP VPN's just great, I just can't get an outgoing one to make it through.
|
|
|
|
|
RE: Outgoing PPTP - 21.Sep.2006 8:02:32 PM
|
|
|
alans
Posts: 67
Joined: 8.Mar.2006
Status: offline
|
Hi,
If all the networks and network rules are correct and the access rule allows the traffic you shouldn't have any problem connecting out.
I'm running ISA 2004/2006 at home at the office and at about 50 clients no problem it just may be a small configuration problem.
Make sure everything is defined correctly and maybe check the logs to see the error message. It should also state the source network is Internal and the Destination must be external.
Regards,
Alans
|
|
|
|
|
RE: Outgoing PPTP - 21.Sep.2006 9:50:38 PM
|
|
|
jconley
Posts: 5
Joined: 20.Sep.2006
Status: offline
|
I guess my issue is that I don't know what the correct network rules and address rules are for routing PPTP in ISA. In fact I even have an "everything outbound" policy that allows any protocol from any internal network to go to any other network. This seems to work for every other protocol. I assumed this would cover it, but I must be missing something. Is there a guide somewhere (that's relevant to 2006) or a sample configuration I can look at?
|
|
|
|
|
RE: Outgoing PPTP - 22.Sep.2006 6:49:39 PM
|
|
|
jconley
Posts: 5
Joined: 20.Sep.2006
Status: offline
|
Site to Site VPN's don't appear to be working either. So it's basically all outgoing VPN's. Is there an issue or some considerations that need to be done to accept incoming VPN's and allow PPTP Passthrough on the same ISA Server?
|
|
|
|
|
RE: Outgoing PPTP - 24.Sep.2006 7:20:19 PM
|
|
|
alans
Posts: 67
Joined: 8.Mar.2006
Status: offline
|
Hi,
GRE is required. I think you might have a problem with GRE. have you tried L2TP?
Regards,
Alan
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
