• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

ISA 2004 VPN to DLink 804HV

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> VPN >> ISA 2004 VPN to DLink 804HV Page: [1]
Login
Message << Older Topic   Newer Topic >>
ISA 2004 VPN to DLink 804HV - 17.Nov.2005 4:11:55 AM   
zodiaczz

 

Posts: 13
Joined: 23.Feb.2005
Status: offline 		I am trying to do the following
http://www.isaserver.org/articles/2004isadlink.html

Setting up a remote VPN site to site connection between the two locations with this D-Link device.

I have set up everything I can think of but obviously I am missing something.
1. Set up the IPSEC Tunnel mode
2. Put in my local and remote endpoints
3. Set my security IKE Group settings etc
4. Allowed Access through the firewall policy to the remote subnet into my local subnet and vice versa
5. Used a route relationship between the two devices not NAT

When I look at the Dlink it says that the IKE VPN is established
When I go into the network monitor on ISA I see the remote connection and IPSEC and that it is enabled.
When I go to the IP SEC Monitor MMC tool I can see it there.

However I have these problems
1. I cannot access any machines from either side
2. IF I ping the remote subnet from my ISA Server I got Negoitiating Security Policy
3. If I ping from the remote side I just get a time out
4.  However if I ping the internal IP of the remote Dlink from anotehr server on the local LAN I get a response? however if I try to ping a computer behind the DLINK it times out.

Suggestions?

Would one have to open up the IPSEC ports separately as well? such as port 500

Any ideas I am just about out
Post #: 1
RE: ISA 2004 VPN to DLink 804HV - 18.Nov.2005 2:44:46 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline 		Hi Zodiac,

I've pinged Tiago and hopefully he'll be able to help you out.

Thanks!
Tom


_____________________________

Thomas W Shinder, M.D.

(in reply to zodiaczz)
Post #: 2
RE: ISA 2004 VPN to DLink 804HV - 18.Nov.2005 3:04:56 PM   
zodiaczz

 

Posts: 13
Joined: 23.Feb.2005
Status: offline 		Hey Thanks Tom,

I am pretty well out of ideas, I will keep my eye on the forum.

Thanks


(in reply to tshinder)
Post #: 3
RE: ISA 2004 VPN to DLink 804HV - 21.Nov.2005 12:40:10 PM   
tiagoaviz

 

Posts: 4
Joined: 24.Jan.2003
From: Curitiba/PR - Brasil
Status: offline 		Hi there Zodiac,

Well, looks like a IPSec configuration problem. Most likely it isn't matching. Can you post the D-link Logs or send them to me at tiago@softsell.com.br ? Also explain your IP addressing, network masks and Internet connection type on both sides.

Is the security audir policy indicating an IPSec error on the ISA Server end? Check out your event viewer when you try to ping a machine on the d-link subnet.

Do IPSec and IKE policies match on both sides? Do you have more than one subnet on your "internal" network object on ISA 2004? My article explains how these policies must be configured on both sides in order to work.

(in reply to zodiaczz)
Post #: 4

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> VPN >> ISA 2004 VPN to DLink 804HV Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts