• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

TriHomed ISA - Question

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> VPN >> TriHomed ISA - Question Page: [1]
Login
Message << Older Topic   Newer Topic >>
TriHomed ISA - Question - 8.Oct.2004 10:32:00 AM   
**P.Gordon**

 

Posts: 14
Joined: 19.Jul.2004
From: London
Status: offline
Here's a question:
I am using ADSL for inbound\outbound web Nic #1
Internal card = Nic #2
Here is the question - can I have a Nic #3 configured with external IP (no gateway) (SDSL connection) this would be used for the Site to Site VPN link.

If I can achieve this how do I tell ISA to use this card as a route for the VPN

I hope I made sense,

Regards Pete
Post #: 1
RE: TriHomed ISA - Question - 8.Oct.2004 11:17:00 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Pete,

You can create a site to site link using the third card. Make sure the static routes are correctly configured.

HTH,
Tom

(in reply to **P.Gordon**)
Post #: 2
RE: TriHomed ISA - Question - 8.Oct.2004 1:04:00 PM   
**P.Gordon**

 

Posts: 14
Joined: 19.Jul.2004
From: London
Status: offline
Many thanks for you reply,

can I tax you for a more specific reply,
I am unsure as to how I create the new network to use for the site to site VPN.
When this network is created would this then create the route with which to use?

Many thanks
Pete

(in reply to **P.Gordon**)
Post #: 3
RE: TriHomed ISA - Question - 8.Oct.2004 8:03:00 PM   
snojslky

 

Posts: 33
Joined: 1.Oct.2002
Status: offline
Hi,

You need to add a route that tells the you server that that it should use your SDSL nic for the vpn site you are connecting to.

route add x.x.x.x mask x.x.x.x z.z.z.z -p

x.x.x.x the ip of the external vpn site
z.z.z.z the isp gateway for you SDSL

/Snoj

(in reply to **P.Gordon**)
Post #: 4
RE: TriHomed ISA - Question - 11.Oct.2004 5:37:00 PM   
**P.Gordon**

 

Posts: 14
Joined: 19.Jul.2004
From: London
Status: offline
Thanks for you reply. I feel I did not make my self entirely clear. I understand the method with which to create a static/persistant route.

To add the SDSL network into ISA do I have to add as a perimeter network?

Also is I do then how do I configuer VPN in ISA. I beleive when I create the VPN it will create the routing table at this point as I would tell ISA what the remote internal network address range is.

The reason I am question the method to create the VPN is because when I have my three NIC's all enabled and ICMP set to reply I can get no reponse from the SDSL Nic unless I disable the ADSL (Internet) external NIC.

Thanks Peter

(in reply to **P.Gordon**)
Post #: 5
RE: TriHomed ISA - Question - 19.Oct.2004 9:31:00 PM   
anorak

 

Posts: 4
Joined: 24.Aug.2004
Status: offline
hi. I am also working on the same problem - isa2004.
nic#1 - 2mb adsl internet
nic#2 - internal
nic#3 - dedicated 256k leased line
i want my site to site vpn connection to use the leased line and everything else e.g client vpn,www,mail,web publishing etc to use the adsl connection.
everything worked fine with only 2 nics. I added the third nic. Then I found couldnt connect a vpn client into the server on nic#1 anymore (error:username or password is invalid on the domain - strangely this then seemed to happen also when you tried to terminal serve to the isa server from within the LAN) I added an additional external network in ISA with the range assigned from my isp on the leased line and changed vpn in isa to allow inbound connections from both nic#1 and nic#3. I also added a route to isa server for remote gatewate for site to site via nic#3 (well the router it is connected to's ip). Still no joy.
So what did I miss, how exactly do i make this work?

(in reply to **P.Gordon**)
Post #: 6
RE: TriHomed ISA - Question - 20.Oct.2004 4:17:00 PM   
anorak

 

Posts: 4
Joined: 24.Aug.2004
Status: offline
ok - i have got vpn "old" vpn connections working to nic#1 again - i changed the binding order of the nics as it appeared that the newly added nic (#3) had become the first in the list. Still can get any vpn connections (or other traffic) out through the 3rd nic. If i add a static route out to an external ip through the interface I just receive destination network unreachable error?

(in reply to **P.Gordon**)
Post #: 7
RE: TriHomed ISA - Question - 20.Oct.2004 4:17:00 PM   
anorak

 

Posts: 4
Joined: 24.Aug.2004
Status: offline
ok - i have got vpn "old" vpn connections working to nic#1 again - i changed the binding order of the nics as it appeared that the newly added nic (#3) had become the first in the list. Still can get any vpn connections (or other traffic) out through the 3rd nic. If i add a static route out to an external ip through the interface I just receive destination network unreachable error?

(in reply to **P.Gordon**)
Post #: 8

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> VPN >> TriHomed ISA - Question Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts