Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Solved: VPN Static address pool
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
Solved: VPN Static address pool - 21.Oct.2008 9:39:51 AM
|
|
|
lbm_
Posts: 44
Joined: 9.Sep.2008
Status: offline
|
Hi Guys
I found out after making a replica storage server, that I cannot use the DHCP option anymore. It therefor would be the best way for me to add a new subnet I think.
I have just created a new subnet quickly as a test, and it works fine, and I can access the VPN, and it gives me an address. But I cannot come in contact with servers, or even ping them, I beleive it is because it is on a diferrent subnet.
What do I have to do, to make this subnet able to contact the production subnet?
Make a new network route on the ISA, or ?
< Message edited by lbm_ -- 23.Oct.2008 5:14:52 AM >
|
|
|
|
|
RE: VPN Static address pool - 22.Oct.2008 3:01:21 AM
|
|
|
lbm_
Posts: 44
Joined: 9.Sep.2008
Status: offline
|
It is actually the exact problem as described here, although I cannot find the correct solution.
http://www.tech-archive.net/Archive/ISA/microsoft.public.isa/2008-05/msg00050.html
The default route is there, which I actually at first thaughted caused the problem.
VPN Clients to Internal Network - Route - Quarantined... Vpn Client - Internal
< Message edited by lbm_ -- 22.Oct.2008 8:21:21 AM >
|
|
|
|
|
RE: VPN Static address pool - 22.Oct.2008 8:56:51 AM
|
|
|
lbm_
Posts: 44
Joined: 9.Sep.2008
Status: offline
|
I can ping the VPN client fine from the ISA, but not from the client to the ISA.
|
|
|
|
|
RE: VPN Static address pool - 22.Oct.2008 10:02:46 AM
|
|
|
lbm_
Posts: 44
Joined: 9.Sep.2008
Status: offline
|
Could it be that I am missing some routes in the routing table locally on the ISA ?
|
|
|
|
|
RE: VPN Static address pool - 22.Oct.2008 10:15:54 AM
|
|
|
Jason Jones
Posts: 2247
Joined: 30.Jul.2002
From: United Kingdom
Status: offline
|
Do the internal servers have ISA as the default gatway?
If not, they you will need to tell them how to send replies back through ISA; this will likely mean adding routing somewhere which details your remote VPN subnet and the need use ISA as the gateway for this network.
Cheers
JJ
_____________________________
Jason Jones (MVP)
Silversands Limited http://www.silversands.co.uk
My Blog: http://blog.msfirewall.org.uk/
Get our NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8
|
|
|
|
|
RE: VPN Static address pool - 22.Oct.2008 12:37:11 PM
|
|
|
lbm_
Posts: 44
Joined: 9.Sep.2008
Status: offline
|
Thanx for replying Jason.
You could be right with this one, since the servers are configured with an another firewall at this time.
Be something is woundering me then, why I cannot ping any of the interfaces on the firewall?
|
|
|
|
RE: VPN Static address pool - 23.Oct.2008 4:54:44 AM
|
|
|
lbm_
Posts: 44
Joined: 9.Sep.2008
Status: offline
|
I created the an network rule as you said jason, and then I got a ping deny error in the logs.
Created an allow policy, and BANG, now there is access through atleast.
Thanx a bunch.
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
