Perkdaddy
asked on
Trouble setting up ISA 2004 VPN on SBS server 2003
Ok, I need some real big help on this one.
I have SBS 2003 running a VM with WinServ2003
I have ISA 2004 Installed on SBS 2003
I have configured ISA for VPN
I have created rules to allow external VPN traffic access to the local network
I have a dynamic IP so I use a DynDns domain to find my server
Remote web workplace and OWA can be accessed from outside the network (tried and tested)
So here is my problem
I have a business related application on the VM (winserv2003)
The support team for the app is in Europe (I'm in Egypt)
they need to connect rather urgently to there app to fix some accounting data
I need to set up a VPN with ISA because setting up a VPN with my Linksys Rv042 router failed and no solution could be found. (the client could connect but could not reach the server, the could ping everybody on the network, but just couldn't get in, thats a different post and a different story all together)
When I try to test the VPN with my DynDns domain name, with my user/pass (i'm a remote admin) it just times out (on the local network)
I dont have access to an external network till work is done in about 5 hours, but it still probably wont work, so I'm not to worried about.
I have created a USER account/pass with remote admin privileges for the support team in SBS Server management
This user has no problems logging in to OWA or Remote web workplace.
Where am I going wrong?
I have SBS 2003 running a VM with WinServ2003
I have ISA 2004 Installed on SBS 2003
I have configured ISA for VPN
I have created rules to allow external VPN traffic access to the local network
I have a dynamic IP so I use a DynDns domain to find my server
Remote web workplace and OWA can be accessed from outside the network (tried and tested)
So here is my problem
I have a business related application on the VM (winserv2003)
The support team for the app is in Europe (I'm in Egypt)
they need to connect rather urgently to there app to fix some accounting data
I need to set up a VPN with ISA because setting up a VPN with my Linksys Rv042 router failed and no solution could be found. (the client could connect but could not reach the server, the could ping everybody on the network, but just couldn't get in, thats a different post and a different story all together)
When I try to test the VPN with my DynDns domain name, with my user/pass (i'm a remote admin) it just times out (on the local network)
I dont have access to an external network till work is done in about 5 hours, but it still probably wont work, so I'm not to worried about.
I have created a USER account/pass with remote admin privileges for the support team in SBS Server management
This user has no problems logging in to OWA or Remote web workplace.
Where am I going wrong?
Keith Alabaster
What ports have you given access to on your external router? Have you opened/forwarded the ports required for pptp traffic to the ISA external nic?
ASKER
all incoming ports are forwarded to the server ip 192.168.17.2,
When I did this, OWA started working (i had problems before with OWA, on another post)
the router has ipsec pass through also.
Note. When I enable ipsec on the client side VPN, it gives me the error about lack of certificate. Maybe I should try to import a certificate. But how and where do i get one from?
When I did this, OWA started working (i had problems before with OWA, on another post)
the router has ipsec pass through also.
Note. When I enable ipsec on the client side VPN, it gives me the error about lack of certificate. Maybe I should try to import a certificate. But how and where do i get one from?
ipsec is different and will want either a shared key or certificate to operate. The default vpn on SBS, as I recall, is pptp. Are you allowing GRE passthrough?
ASKER
Yes, gre passthrough is enabled on the router.
So last night I tried at home and nothing. Even my SBS RWW and OWA is not working, only on extensions of my local network. A tracert confirmed that the DNS just routed my DYNDNS strait to the server instead of going around the world. Seems I have more problems than are possible with SBS and VPN. remote access etc.
Hmmm, could you try? Do we have PM on this thing? I'm not releasing vital data on this post...
So last night I tried at home and nothing. Even my SBS RWW and OWA is not working, only on extensions of my local network. A tracert confirmed that the DNS just routed my DYNDNS strait to the server instead of going around the world. Seems I have more problems than are possible with SBS and VPN. remote access etc.
Hmmm, could you try? Do we have PM on this thing? I'm not releasing vital data on this post...
I'm in the UK - and just off to work (7.50AM here). You can get my address from my Profile.
ASKER
ok sent to EE address
Hardly vital data as the required info is behind your firewall. On checking from work, I can't see anything having arrived on my home Exchange servers from you.
ASKER
Sorry, I was in another town on business today. I sent from the company account and your spam filter may have got me, so I just sent from my Hotmail. You can respond to whichever you like, or here. Lets keep other people informed on whats going on so it helps someone else in the future,
Home now and nothing here. have just sent a test to my ee email address from work and that popped up immediately. My anti-virus/anti-spam shows nothing quarantined. Sure it is leaving your end?
ASKER
I sent the email from both my business and Hotmail account, I guess I'm just not able to send to you.
I tried a couple of fixes from MS but to no avail. I attached the error log for you. The fixes I ran where these
http://support.microsoft.com/kb/886621
http://support.microsoft.com/kb/936594
I tried a couple of fixes from MS but to no avail. I attached the error log for you. The fixes I ran where these
http://support.microsoft.com/kb/886621
http://support.microsoft.com/kb/936594
ASKER
Here it is, the error log from fix one where I have to re-enable remote web workplace.
I'm so in over my head on this one...
errorvnp.txt
I'm so in over my head on this one...
errorvnp.txt
ASKER
OK, Its monday and I want to get this solved. here is the current status
1. Remote Web Workplace and OWA cannot be accessed from the web
2. VPN still cannot be accessed.
3. Fix 1 and 2 above do not work for me.
I have created the rules allowing ALL incoming traffic, but that isnt working either (thought I would give it a shot)
Any Ideas out there?
1. Remote Web Workplace and OWA cannot be accessed from the web
2. VPN still cannot be accessed.
3. Fix 1 and 2 above do not work for me.
I have created the rules allowing ALL incoming traffic, but that isnt working either (thought I would give it a shot)
Any Ideas out there?
ASKER
can you try to connect remotely to geteg.office-on-the.net?
Can you tell me the results?
Can you tell me the results?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.