Hello there Sorry for the little spelling faults, english isn't my native language I spend almost a day reading various topics about pptp outbound with ISA 2004. Most of the topics have the same symptoms, but not always the same solution. This is my situation:
Client XP---2003sbs with ISA 2004----Vigor 2600---Wan---Vigor 2600+----2000SBS with ISA2000
When i configure ISA 2004 to allow outbound PPTP i get an error 619 on the client pc. When i configure RRAS on ISA 2004 to setup PPTP to this ISA 2004 server i get nog error code, but a message that the connection cannot be made.
When I connect to the ISA2000 server without ISA2004, everythings works fine! But as soon ISA 2004 is involved, it doesn't connect.
I have also another PPTP connection setup that looks like this: Client---2003SBS with ISA2004---vigor2600---WAN---Vigor 2600+ Vigor is configured to accept PPTP. This also works fine! Also when I set up ISA2004 to connect to the vigor Router.
So my conclusion: PPTP won't work trough ISA2004 to ISA2000.
I there anybody who has had the exact same problem?
Note: ISA 2004 is properly configured. no worrys about that, because the PPTP directly to an Vigor modem works fine. Also, the ISA2000 is configured properly because I'm able to connect to the ISA2000 without ISA 2004.
Thnx for the response. 1: Correct, but we are testing ISA 2004 because SP1 for SBS contains ISA 2004. 2: We tried both options...no result 3: outbound rule is present (because pptp to an vigor modem works fine)
this afternoon (holland) we also tested the exact same situation with ISA 2000...and guess what: it worked.
Somewhere on the I-net a person told that before you install ISA2004 you should enable ICF. Is that true? Because if that's the case, I'm not so happy because we have to remove ISA 2004, enable ICF and then re-install ISA2004. But that is what I'm trying to prevent.
RE: PPTP outbound with ISA 2004 - 20.Jan.2005 7:32:00 PM
I have that trouble too. Absolutely like your trouble! But at both sides I have ISA 2004 (at client side and at server side). I haven't installed SBS. Just Windows 2000 AS + ISA 2004. Active directory is not present. Rule All/toAll/fromAll is present and enabled at both ISAs. Without one of that ISAs (anyone) all works fine. But if I install ISA 2004 at any end VPN don't work. If I shutdown all ISA services (and firewall) the VPN DON'T work also. If I will uninstall ISA VPN will work good.
Situation 1 doesn't work because it goes over ISA 2004. We also replaced the SBS2003 with an 2003 standard edition with ISA2004. We did this because ISA2004 isn't supported on SBS2003.
Situation 3 DOES work because it goes over ISA 2000. Situation 2 DOES work (Don't know why it works, but A connection to a Vigor over ISA 2004 works perfectly.
Now we tested a little bit with the Firewall Engine. In situation 1: We made a little adjustement in FWENG with fwengmon.exe. We managed to configure the route so it doesn't go over ISA server kernel-mode driver. When this is configured, PPTP DOES work!
This is not a solution, not a work around, but only to show where the problem exists.