• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Publishing PPTP VPN in a Back-2-Back ISA 2004 Setup

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 General ] >> Server Publishing >> Publishing PPTP VPN in a Back-2-Back ISA 2004 Setup Page: [1]
Login
Message << Older Topic   Newer Topic >>
Publishing PPTP VPN in a Back-2-Back ISA 2004 Setup - 27.Jul.2006 5:47:38 PM   
waynewhittle

 

Posts: 117
Joined: 21.Apr.2004
From: Cardiff
Status: offline
We are testing out a back-2-back ISA scenario trying to link it via PPTP to another ISA 2004 server at a remote office. I have configured the ISA
servers as follows:

Local Site (Site 1):
ISA BE - Configured new VPN Site (Site 2) with a static IP Assignment
ISA FE - Configured to publish PPTP to the external interface of the BE ISA

Remote Site (Site 2):
ISA - Configured new VPN site to (Site 1) with static IP assignment.

I can get the connection working but I noticed that the IP addresses at both ends of the connection were BOTH from Site 1's static address pool ?!?

What I am trying to achieve is to have static addresses for each DD Interface - normally you would give Site 1's DD connection to Site 2 an IP from Site 2's INTERNAL address range (not the static VPN Address Pool) and Site 2's DD connection to Site 1 and IP from Site 1's INTERNAL address range (not from the Static VPN Address Pool). Hoever if I try and configure these DD interfaces this way I cannot connect (this works in our live environment which is a tri-Homed ISA setup - thus no publishing rule for PPTP to a BE ISA). Have I missed something here ?

Any advice would be most appreciated..

Cheers

Post #: 1
RE: Publishing PPTP VPN in a Back-2-Back ISA 2004 Setup - 30.Jul.2006 5:24:48 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Wayne,

If both sites are assigned addresses from the same pool, it indicates that one or both sides are creating remote access VPN connections and not site to site VPN connections.

HTH,
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to waynewhittle)
Post #: 2
RE: Publishing PPTP VPN in a Back-2-Back ISA 2004 Setup - 31.Jul.2006 2:00:05 PM   
waynewhittle

 

Posts: 117
Joined: 21.Apr.2004
From: Cardiff
Status: offline
It's ok I've sorted this one out. Two silly mistakes.

1. One of the Router accounts had a static IP associated with it so I took that off. You specify the static IP on the demand dial interface itself under it's TCP/IP settings.
2. VPN Clients <--> Remote Site rule was not established.

Both sites had their own static address pools and they weren't showing up as VPN clients (which is correct). The problem was one of the router accounts also had a static IP of the other site associated with it (can't remember doing that!).

This can be closed now.


many thanks

Wayne

< Message edited by waynewhittle -- 1.Aug.2006 2:02:05 PM >

(in reply to tshinder)
Post #: 3
RE: Publishing PPTP VPN in a Back-2-Back ISA 2004 Setup - 1.Aug.2006 1:26:24 PM   
waynewhittle

 

Posts: 117
Joined: 21.Apr.2004
From: Cardiff
Status: offline
Please close..

< Message edited by waynewhittle -- 1.Aug.2006 1:59:17 PM >

(in reply to waynewhittle)
Post #: 4
RE: Publishing PPTP VPN in a Back-2-Back ISA 2004 Setup - 13.Aug.2006 8:43:59 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Wayne,

Thanks! Good to hear you got  it working and thanks for the follow up!

Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to waynewhittle)
Post #: 5

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 General ] >> Server Publishing >> Publishing PPTP VPN in a Back-2-Back ISA 2004 Setup Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts