|
colombo -> Cannot connect to IPSEC VPN Server behind NAT (NAT-T) (18.Jan.2008 10:33:48 AM)
|
Hi All,
I have a Windows Small Business Server 2003 SP1 environment. The server has two network interface. One for the local network clients, one for the public network so that our local clients connect to the external network via SBS 2003 ISA nat.
My problem is that I couldn't connect to an external IPSEC based VPN server from the local network behind the SBS ISA server.
I read the relevant articles, forum posts, and I have already created the necessary firewall rules on the ISA what the articles write about the NAT-T and IPSEC passthrough.
For example this:
http://www.redline-software.com/eng/support/articles/isaserver/general/how_to_pass_ipsec_traffic_through_isa_server.php
But I cannot connect.
I tried to create to this host "All outbound connection" access rule, but the result was the same.
In the ISA monitor I didn't see the denied traffic.
The VPN client program is the Checkpoint Secure Client and I set the "use NAT traversal tunneling" option.
From my home network (also behind router) I can connect to this VPN with the same options.
Could anybody help me to solve this problem? And do you have any idea at least how can I monitor the denied connection details?
Thanks in advance,
Kind regards,
Peter
|
|
|
|