I have a linux client trying to establish a GRE tunnel with a remote office. It gets Internet through VPN (static IP) and has All outbound protocols to External permitted. It also has an allow rule for all protocols from the remote office address, all users. No connection appears. When I look into the logs, I see GRE - FAILED. In the protocol definitions there was no GRE protocol, so I created GRE - Ip-level - protocol #47. It did not help either. I use ISA 2004 SP2 on W2k3 EE. PPTP fillter is enabled, everything allowed. All other VPN users have no problems, even with a slicky SIPv2 and even without explicit protocol definitions. Can any ISA gurus advise me a solution to this problem?
< Message edited by abissum -- 25.Jul.2006 12:09:53 AM >
VPN Clients network and External network have Route relationship. The endpoints of a GRE tunnel reside in External and in VPN Client network. Neither of the sides can establish GRE tunnel. ISA logs show GRE as a protocol type (even without creating a protocol definition for it) and as a result - FAILED. One of our clients use GRE tunnels among different offices. All of their gateways are linux machines which use GRE transport for creating one big VPN for accounting, telephony, and so on. With every single provider they were able to get their GRE tunnels working - everyone but us, using ISA Server 2004. An advise to switch to Windows or use different transport, of course, is not an option.