Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
branch office wizard error at connecting to CSS...
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
branch office wizard error at connecting to CSS... - 14.Dec.2006 12:32:20 PM
|
|
|
ryans4
Posts: 4
Joined: 11.Dec.2006
Status: offline
|
So I got the site 2 site L2TP VPN to connect, it asked me if I wanted to join the domain at the main office, to which I said yes, and did so, and then restarted (branch ISA). Upon login (on the branch ISA), the branch office wizard continues and asks you to connect to the CSS. I entered the name of the CSS server (at the main office) and login credentials (tried many different user accounts) and they all fail with the same error:
"A connection to the specified Configuration Storage server could not be established. This may be because the local computer needs to be added to the Managed ISA Servers computer set."
I checked the event viewer on both main and branch ISAs and neither have anything that links to teh same time as the attempted connection. I've tried this while logged in as both the local admin and domain admin on the branch ISA server. I've verified that the VPN is active (shows up on both ISAs under the ip configuration and under the RAS/Dial Up management console).
I have added both ISA servers to the Enterprise Policy as Replicate Configuration Storage servers and as Enterprise Remote Management Computers.
I have also changed the account that the ISASTGCRTL service runs as to be a domain admin account.
I have verified that the DNS entry for the branch office ISA server has the LAN IP of the ISA server. I have kept DDNS active (Secure Only option) as I need it to keep my back end exchange server cluster online.
Since the ISA at the main office is not the gateway for the LAN, I have setup a static route on our gateway to forward to the ISA LAN ip address for all address requests for the branch office. I have verified this running a tracert from the main office LAN that it routes to teh main office ISA server.
On the branch ISA server, I can resolve names on the main office LAN. I have no DNS at the branch office (is it set to use the DNS server at the main office).
My CSS is stored on the main office ISA server.
Using the ADAM Site tool, I can connect to the CSS from the main office ISA server on port 2171 (not 2172). From the branch office, using the ADAM Site tool, I cannot connect to the CSS on ports 2171 or 2172. So this tells me that the CSS is working, and that something is keeping the branch office from connecting to it, which I'm guessing is either a DNS issue (can't resolve teh CSS FQDN) or that the main office ISA is blocking access to the teh CSS on port 2171.
Any ideas would be greatly appreciated.
Thanks
-Ryan
< Message edited by ryans4 -- 14.Dec.2006 4:15:38 PM >
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
