Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

branch office clients can't ping remote office

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> VPN >> branch office clients can't ping remote office Page: [1]
Login
Message << Older Topic   Newer Topic >>
branch office clients can't ping remote office - 5.Aug.2008 9:26:28 AM   
jschorn@aimetis.com

 

Posts: 4
Joined: 9.Oct.2007
Status: offline 		I created a site to site vpn connection. From the isa server in the branch office, I can ping the remote clients. For some reason from the client PCs in the branch office I cannot. Don't know why ISA can ping remote clients successfully through the vpn but other PCs on network cannot. Please help!
Post #: 1
RE: branch office clients can't ping remote office - 5.Aug.2008 12:19:57 PM   
pwindell

 

Posts: 782
Joined: 12.Apr.2004
From: Taylorville, IL
Status: offline 		Never ever ever ever test "from the ISA".

ISA is not part of the same Network Definition that the rest of the machines are part of.  The success or failure of testing from the ISA means absolutely nothing,...in fact when tasks are done correctly, testing from the ISA should always fail, while testing from other sources should succeed.

VPN is subject to Access Rules just like everything else is.

From: <the VPN Network Definition>
To: <whatever>
Protocol:<whatever>
Users:<whatever>



_____________________________

Phillip Windell
www.wandtv.com

(in reply to jschorn@aimetis.com)
Post #: 2
RE: branch office clients can't ping remote office - 6.Aug.2008 5:44:00 AM   
jschorn@aimetis.com

 

Posts: 4
Joined: 9.Oct.2007
Status: offline 		I have an access rule allowing "all outbound traffic" from Internal and waterloovpn" (my vpn connection) to internal and waterloo vpn. I don't think it is my access rule. What else could it be? Anything I need to verify in Routing and Remote Access or anywhere else? Like I said, I have a vpn open between branch office ISA2006 and HQ. Branch initiates connection. ISA2006 Branch server can ping remote HQ network, but other clients in branch cannot.

(in reply to pwindell)
Post #: 3
RE: branch office clients can't ping remote office - 6.Aug.2008 10:10:21 AM   
pwindell

 

Posts: 782
Joined: 12.Apr.2004
From: Taylorville, IL
Status: offline 		A VPN connection is just a glorified private network link between two points.  Just because you have the link "up" does not mean traffic will flow over it if you don't have the LAN's Routing Scheme (both side) setup to know how to route the traffic.

Just having the link "up" does not provide the routing and does not make the routing "happen".  The ISA knows the route because it is "directly connected" to it,...that doesn't mean the rest of the LAN knows what to do with it.


_____________________________

Phillip Windell
www.wandtv.com

(in reply to jschorn@aimetis.com)
Post #: 4

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> VPN >> branch office clients can't ping remote office Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts