ISA2000, VPN clients not getting IP addresses from DHCP server

Posted on 2005-02-26
Medium Priority
Last Modified: 2010-04-14
I am setting up an ISA2000 server, parallel to an existing server (each on it's own ISP connection into the same LAN) and my latest stumbling block is the VPN client setup.

It's just a simple wizard.  I ran it.  Let it configure the RRAS, rebooted, saw all the new ports in RRAS and then build a connection on an outside computer, connected, established the connection, but couldn't go anywhere on the network.

I didn't have a correct ip address.

The DHCP server is not giving out addresses to this connection.

It is on the other ISA2000 server, the existing one.  Neither ISA server has DHCP installed.  The one that is working is getting addresses from the existing inside LAN dhcp server.

Why am I failing to get addresses for my new ISA server?
Question by:gateguard
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3

Author Comment

ID: 13412583
I figured it out.

You have to go into RRAS, properties on the server, IP tab, and select your inside adapter as the adapter that the RRAS uses to get DHCP addresses from.  The default is "let the RRAS decide".  Evidently it doesn't do a very good job deciding.

Anyway, I don't want to delete this question because I think it could be helpful for others in the future.

If anyone enters anything about ISA servers, particularly with making a certificate work on one of them, I'll have an answer I can click on to close this thing.

I'll tell you, setting up an ISA2000 server is not easy.  ISA2004 is easier, but still querky, and it doesn't have the H.323 gatekeeper, which I need.

Oh, well, back to work...
LVL 57

Accepted Solution

Mike Kline earned 1000 total points
ID: 13412861
Nice work, figuring out your own question, EXCELLENT!!

Some nice links for certificates

Configuring SSL Bridging

Digital Certificates for ISA Server 2004

You are working late on a Saturday :)


Author Comment

ID: 13414005
Thanks for the links.

One more tip, for those who are setting up an ISA2000 server (don't know if this also applies to ISA2004):

To enable the VPN clients to use the inside LAN DNS records, it isn't enough to choose the INSIDE NIC on the pulldown in RRAS server properties, IP tab.  I still was getting DNS failures, even though that tab specifically refers to dhcp AND dns.

What I did to fix the DNS was this:

Add a DHCP relay agent in RRAS.  After that, DNS worked like a charm for VPN clients.

Author Comment

ID: 13414010
Yup.  Not much sleep until this project is complete.

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
I don't pretend to be an expert at this, but I have found a few things that are useful. I hope that sharing them here will help others, so they will not have to face some rather hard choices. Since I felt this to be a topic of enough importance and…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question