• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

VPN Routing to the internet

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2000 Firewall] >> VPN >> VPN Routing to the internet Page: [1]
Login
Message << Older Topic   Newer Topic >>
VPN Routing to the internet - 21.Nov.2001 8:26:00 AM   
aaltwal

 

Posts: 3
Joined: 21.Nov.2001
From: Amman
Status: offline
Hi all,

I have ISA Server implemented in all our branches which connects to our HQ ISA Server over VPN.

I need to have users in the branches access certain internet locations through our HQ internet link (for security reasons).

The scenario I am looking for is: Packets going from the user at the branch to be routed from his ISA server through the VPN to our HQ ISA Server and then to the internet from our ISA server (these packets are TCP/IP Packets to telnet port 23), and preferably NATed.

Packets are reaching the ISA Server at HQ and are stopping there.

What is going wrong?

Post #: 1
RE: VPN Routing to the internet - 23.Nov.2001 5:55:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi aaltwal,

Good question. I suspect you'll have to make a VPN connectoid and then configure the ISA Server to access the Internet via the connectoid. That will allow it to use Web Proxy and Firewall chaining with the upstream ISA Server in the main office.

HTH,
Tom

------------------
http://www.isaserver.org/shinder/


Get It Here!


(in reply to aaltwal)
Post #: 2
RE: VPN Routing to the internet - 25.Nov.2001 9:19:00 AM   
aaltwal

 

Posts: 3
Joined: 21.Nov.2001
From: Amman
Status: offline
I am not looking for Proxy Chaining, I have an IP SEC Tunnel at mu HQ and all traffic to a certain destination (TCP port 23) should go from that IPSec Tunnel. so when the user in a remote site initiate a telnet to this specific destination, the traffic should be Routed (through RRAS and VPN) to my HQ RRAS Server (also running ISA) and then from my HQ RRAS to the internet through the IPSec tunnel.

I checked every possible document.

Do you suspect anything?


(in reply to aaltwal)
Post #: 3
RE: VPN Routing to the internet - 25.Nov.2001 8:16:00 PM   
Nuddelaug

 

Posts: 167
Joined: 25.Apr.2001
From: Wien
Status: offline
Hi aaltwal

if the Stop at ISA where exactly did they try to go ? (internal/external)

Greetz Nuddi


(in reply to aaltwal)
Post #: 4
RE: VPN Routing to the internet - 26.Nov.2001 10:05:00 AM   
aaltwal

 

Posts: 3
Joined: 21.Nov.2001
From: Amman
Status: offline
Well the packets are reaching my HQ ISA Server andthen they do not go anywhere, All my rmote sites are within the LAT and are considerred internal, the destination is external and is not included in teh LAT.

I can reach the host when initiating the call from within my LAN at HQ or when I initiate the trafic from any location not connected to me through VPN (some local Branches connected through Leased linest to an internal Router behind the ISA)

The problem only exist when the traffic is reaching my HQ ISA Server from a VPN and is destined to a destination that is external.

I don't have any events logged in the event log.


(in reply to aaltwal)
Post #: 5

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2000 Firewall] >> VPN >> VPN Routing to the internet Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts