Ive been trying to setup a PPTP site to site VPN with a Vigor 2800 adsl router, so far I have achieved the following
1. Vigor 2800 to ISA 2004 - I have created a LAN to LAN connection on the Vigor and using PAP/CHAP with a dial in enabled user I can establish a PPTP VPN connection to my SBS 2003 Server. However once connected I cannot ping from the remote client to the ISA Server, logging shows this as Denied by no specified rule. I understand that the ISA 2004 treats my remote network 192.168.100.0 as external and as a result denies my pings.
2. I have setup an ISA 2004 Site to Site VPN for PPTP and successfully had the Demand Dial Interface VPN my Vigor 2800 Router and esatablish a PPTP VPN, allowing ping as a test communication from the ISA to Remote Client and Remote Client to ISA. At this stage the Site to Site seems to be working as expected.
However the issue occurs when trying to establish the Site to Site from the remote client, the Vigor router cannot PPTP VPN the ISA server, the RRAS logs the event log error 20050, cannot negotiate network protocols. The Vigor is set to PAP/CHAP so I have set the ISA Site to Site to allwo these encryption types, and also I have allowed these in the RRAS and Remote Access Policy, but each time I get this error when trying to connect from the remote side.
I can only think that it is an ISA issue as I could establish the VPN prior to creating the Site to Site VPN, but once this is created I cannot. This means I have half a solution as I can start the link from the main site but not the remote site.
Ive been working on remote sites over ADSL for a while and found IPSEC just isnt consistent enough, and I have MTU issues often, so my plan was to use PPTP as this uses an MTU of 1400. Does anyone have any thoughs on this, or experience with a Vigor PPTP VPN?