I have SBS 2003 Premium R2 and I have made a VPN tunnel with a D-Link DFL-200. In ISA Server 2004: Sud IP: 192.168.30.11, Nord IP: 192.168.1.11
Steps to prepare the VPN connection:
New Network: Name=Test; Addresses=192.168.31.0 to 192.168.31.255; Connection from external IP of remote D-Link to Nord interface of ISA; IPSec setting=default; Use pre-shared.... = <sample passphrase>
New Network rule: Name=Test2; Source=Test; Destination=Internal; RelationShip=NAT
Firewall Policy: SBS already contained a rule for all traffic from protected network to protected network.
In the D-Link I have configured a new tunnel as per the D-Link documentation. Nord IP = <public static ip>; Sud IP = 192.168.31.1
The tunnel is correctly established. From the VPN client (192.168.31.111), which is connected behind the D-Link and uses it as its gateway, I can access all resources in the internal network.
Two questions:
1) During testing I see in the ISA log a high number of connections from 192.168.31.111:0 to 192.168.30.11:0 that are denied. What are these connections? Why are they only denied?
2) I have tried to join the VPN client to the SBS domain. The join is OK, but after I restarted and tried to log on with a domain user, the logon does not complete and the VPN client hangs at the "load personal setting" window. At this time in the ISA log, together with the normal allowed traffic (DNS, authentication, etc.), I find a high number of connections denied from port 0 to port 0 (as I explained in point 1). Is this the reason for the failed access?