Cisco 837 to 837 tunnel and ISA (Full Version)

All Forums >> [ISA Server 2000 Firewall] >> VPN



Message


marty2001 -> Cisco 837 to 837 tunnel and ISA (15.Jul.2004 10:33:00 AM)

Hi members

I have 2 new remote sites with Cisco 837s. The ISA 2000 home site has a Cisco 827. Cisco secure tunnels over the internet have been created between the remote sites and the home site.
The Cisco routers can all ping each other so the router person is happy.
I am not using any vpn/pptp clients to try and connect from the remote sites to the home site as the Cisco tunnel is supposed to pass the traffic securely.
I have read http://forums.isaserver.org/ultimatebb.cgi?ubb=get_topic;f=13;t=001993 and http://www.isaserver.org/articles/IPSec_Passthrough.html, but am not sure if it applies to this scenario
I would like to have the remote sites connecting to exchange, datafiles and one application at the home site. I am not sure if I should try pptp inside the cisco tunnel on the remote clients.
Does anyone have any suggestions? I am considering getting a PIX to bypass ISA at the home site

regards
Marty




marty2001 -> RE: Cisco 837 to 837 tunnel and ISA (15.Jul.2004 10:45:00 AM)

More information:
All routers use ADSL
The remote PCs can not ping the ISA server or the home router. They can ping their remote routers.
I have published telnet on the ISA server and am able to half open a telnet session to devices inside the home site from the remote sites ie Telnet opens and does not respond. When I quit the telnet session, I am informed that the session has closed. I am also told that a telnet session is open if I try to open another telnet session.
I am unable to connect to published apps on the ISA server. I have been informed that this is because the Cisco tunnel takes and holds these port assigments, and that I need to assign secondary IPs on the published servers for the Cisco tunnel remote clients.




Page: [1]