• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

L2TP/IPsec certficates

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2000 Firewall] >> VPN >> L2TP/IPsec certficates Page: [1]
Login
Message << Older Topic   Newer Topic >>
L2TP/IPsec certficates - 9.Jun.2003 12:27:00 PM   
Tom Chadwick

 

Posts: 9
Joined: 16.May2002
From: Ipswich, UK
Status: offline
Hi,

I have read the many excellent articles on configuring the ISA server to support L2TP/IPsec with certificates. I have two ISA servers with a PPTP connection and just cannot get the L2TP to connect.

I have valid certficates (client & server)on both ISA servers. The event viewer shows that the IKE security association failed. Failure point: ME Failure Reason: Negotiation timed out.

Any thoughts would be most welcome

Thanks
Post #: 1
RE: L2TP/IPsec certficates - 9.Jun.2003 1:08:00 PM   
Tom Chadwick

 

Posts: 9
Joined: 16.May2002
From: Ipswich, UK
Status: offline
I have checked the Packet filters and it seemed that the Wizard or something had entered the wrong IPs for the filters. This has been corrected and now I get 'New policy invalidated SAs formed with old policy'

Any thoughts?

Thanks

(in reply to Tom Chadwick)
Post #: 2
RE: L2TP/IPsec certficates - 9.Jun.2003 7:08:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Not beaten,

Restart the RRAS server and try again. Make sure that fragment filtering is disabled on the ISA firewall. Fragment filtering can cause problems with the certificate exchange.

HTH,
Tom

(in reply to Tom Chadwick)
Post #: 3
RE: L2TP/IPsec certficates - 10.Jun.2003 9:14:00 AM   
Tom Chadwick

 

Posts: 9
Joined: 16.May2002
From: Ipswich, UK
Status: offline
Tom,

Many thanks for your prompt and accurate reply. we now have an IPsec intra-site VPN.

Yours NOT beaten yet,

Tom Chadwick

(in reply to Tom Chadwick)
Post #: 4

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2000 Firewall] >> VPN >> L2TP/IPsec certficates Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts