• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Win 2003 RRAS to ISA 2004 routing issues

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> VPN >> Win 2003 RRAS to ISA 2004 routing issues Page: [1]
Login
Message << Older Topic   Newer Topic >>
Win 2003 RRAS to ISA 2004 routing issues - 26.Mar.2008 12:03:57 PM   
DynamicIS

 

Posts: 1
Joined: 26.Mar.2008
Status: offline
Hi all,

Im having an issue with routing from a remote network (running 2003 RRAS) to ISA 2004 as part of SBS 2003 Premium.

Main Site server (SBS2003 Prem) has internal NIC on 192.168.0.2 and external NIC on 192.168.1.2. We use a Draytek Vigor 100 ADSL modem on the external NIC with a PPPOE connection from the server to our ISP. ISA works fine with this - no issues at all. ISA is configured to accept incoming PPTP VPN connections and users can VPN in without issues. There is a site to site VPN set up within ISA with dial in permissions and RIP is configured. Have a static route of 192.168.10.0 with mask of 255.255.255.0 set up.

Have set up a branch office with a Draytek router, a win 2003 server and 1 NIC. The server NIC is on 192.168.10.2 and the router on 192.168.10.1. Have configured a RRAS demand dial interface from this server to the main office ISA server. This connects fine and also has RIP. Have a static route of 192.168.0.0 with mask of 255.255.255.0 set up. 

The main site server can ping / tracert to the remote site server and any PCs there.
The remote site server can ping / tracert to the main site server and any PCs there.
The main site PCs can ping the remote site server but not any PCs on the remote site.
The remote site PCs can ping the main site server but not any PCs on the main site.

The main site users have an IP of 192.168.0.0/24,  subnet mask of 255.255.255.0 and a default gateway of 192.168.0.2.
The remote site users have an IP of 192.168.10.0/24, subnet mask of 255.255.255.0 and a default gateway of 192.168.10.2

ISA doesnt seem to be blocking anything - set up access rules from main to remote networks and vice-versa and cant see any issues in the rules.

Anyone have any ideas?

Paul..
Post #: 1
RE: Win 2003 RRAS to ISA 2004 routing issues - 26.Mar.2008 6:03:35 PM   
ClintD

 

Posts: 1848
Joined: 26.Jan.2001
From: Keller, TX
Status: offline
It sounds like the names of the interfaces don't match. What is the name of the ISA "Remote Site" and what is the name of the RRAS "Demand Dial Interface"? These names have to correspond to the account used.

For example, ISA must has a "Remote Site" named Win2003RRAS and the RRAS box must have a DOD named Win2003ISA or something similar. The accounts used must match the opposite servers interface name.

To be clear...

ISA
Remote Site Name - Win2003RRAS
Account Specified in Remote Site - Win2003ISA

RRAS
DOD Interace Name - Win2003ISA
Account Specified in DOD - Win2003RRAS

The names of the accounts as well as the interfaces trigger special logic that tells ISA and RRAS that these are 2 way connections - not just connections from the endpoints themselves.

(in reply to DynamicIS)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> VPN >> Win 2003 RRAS to ISA 2004 routing issues Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts