I am having difficulties connecting via VPN with IPSEC to our ISA 2006 Server. Connecting using PPTP will work just fine. I'll describe the environment, then the steps I've taken.
The ISA 2006 Server is directly connected to the internet on a Windows 2003 Server Standard R2 SP2. The server is a Dell PowerEdge 860 with a 2 NIC configuration (one external, the other internal). The ISA Server is a member of the domain.
The client pc is a Dell Latitude D820 laptop with Windows XP SP2. The laptop is connected to the internet via DSL. The laptop is also a member of the same domain.
The user for authentication is a Domain Admin.
The dial in permissions in AD have been set to allow.
Created the rule "allow VPN User to Internal"
Using the built-in XP networking connectoid, the client laptop was able to make a successful connection using PPTP. After that I tried to use just a pre-shared key for an L2TP IPsec connection, which returned a RAS 800 Error.
I then issued client & server certificates to the laptop and server from a standalone CA. Then issued IPsec certificates from the same CA in the same domain. The certificates were installed to the local computer store and exported and imported to the trusted root certificates store as per the Microsoft KB.
Restarted the RAS service on ISA and tried again and was returned with a 678 error on the laptop. Tried checking and unchecking the preshared key option, but same result.
Confirmed the LDAP settings in ISA, VPN access is configured for domain users. IP assignment is handled by DHCP. Tried configuring IP Filtering on/off. All with no luck.
The response from the ISA log is "unspecified ip traffic" from the client ip address.
Is there something I'm missing? Any help would be appreciated.
(I asked this question before and Keith A helped out, but the project was temporarily suspended and the original question was deleted.)