• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

SBS 2003 premium - Hardware-Hardware VPN Configuration

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 General ] >> ISA 2004 SBS >> SBS 2003 premium - Hardware-Hardware VPN Configuration Page: [1]
Login
Message << Older Topic   Newer Topic >>
SBS 2003 premium - Hardware-Hardware VPN Configuration - 27.Apr.2011 10:47:51 PM   
MyMy

 

Posts: 1
Joined: 27.Apr.2011
Status: offline
I have a remote office we are attempting to connect using two CISCO RV042 routers. We are trying to do this while keeping ISA as in the following article: http://msmvps.com/blogs/javier/archive/2004/12/08/23045.aspx from Javier's SBS Wonderland.

The main server is a SBS 2003 premium installation with ISA 2004. On the main site (SBS) we have 192.168.18.0/24 as the local area network, where 192.168.18.2 is the SBS server and 192.168.18.3 being the main sites router address. DHCP is disabled on this router and a laptop plugged into the routers switch port does pick up an IP from the SBS DHCP pool.

On the remote side we have 192.168.44.0/24 as the address range with 192.168.44.1 being the remote sites router address. DHCP is enabled in this router and hands out the IP addresses for the remote site. A laptop plugged into the routers switch port obtains an address from the routers DHCP server as expected.

At his point the two laptops can ping each other without a problem across the tunnel. The laptops can also ping client PC's on the other side of the tunnel without a problem.

Unfortunately the remote clients cannot ping the SBS address (they time out). Also the SBS server cannot ping the remote clients and gets a "Negotiating IP Security" error. Part of the instructions from the above site states you need a route command as in my case would be:
route add -p 192.168.44.0 mask 255.255.255.0 192.168.18.3

This would imply to me that any request to a 192.168.44.x address should be sent to the 192.168.18.3 address which is the main sites router. Instead I get the "Negotiating IP Security" error. I am confused. I assume that all negotiating and security is the job of the routers. Why the error on the SBS console at all? If I look at the log in the main sites router, the ping from the SBS server to the 192.168.44.1 remote router does not even show up. The "Negotiating IP Security." error is preventing the request from even hitting the router.

I have read many posting regarding the "Negotiating IP Security" error but mainly in the context of doing a VPN through ISA. I would think that in the above setup, ISA should have been totally bypassed by the "route" command. I did try adding the 192.168.44.0/24 address range to the ISA "Local Network" without success. After two days of reading and trying I am hoping someone can point me in the correct direction.

TIA, Mark

< Message edited by MyMy -- 28.Apr.2011 6:54:04 AM >
Post #: 1

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 General ] >> ISA 2004 SBS >> SBS 2003 premium - Hardware-Hardware VPN Configuration Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts