ISA2004 VPN Authetication error

Posted on 2005-05-11
Last Modified: 2008-02-01
Hi experts,
I have recently installed ISA2004 on a windows2003 server. I have set up all required access, Internet, OWA, FTP & VPN. Which all work successfully except for VPN. Keeping in mind that my ISA's external IP is connected through to a Belkin wireless router, then onto the Internet, with the correct ports open (PPTP,FTP,SSL,SMTP) to the internet. I can connect to my VPN server via telnet from a remote PC. Users can connect but not authenticate, the error 806 is the message that I get when users authentication fails.
If I connect to the ISA servers external IP ( from a pc with in the same 192.168.2.* range VPN works, can any body assist with this error?
Question by:Srrjohnson
    LVL 15

    Expert Comment

     Your router is probably blocking GRE 47.
     Some router by default block GRE 47 which is required fro VPN to work

    GRE 47 and 1723 must be fowarded to you VPN server.

    To Verify my theory put your server on the DMZ for a few minutes and try to connect your VIA VPN.

    Let me Know


    Author Comment

    Thanks Vico,

    I gave both the 1723 port open and the GRE protocol on the router open. I have given a computer a DMZ address of which is in the same range as the ISA2004 servers external IP address and it Authenticates perfectly. Gives me an IP address from the correct INternal address. Can mapp drives.
    Your thoughts?

    Author Comment


    An added thing here is, GRE is protcol 47 not a port number, how do I add that to arouter that only has port settings to adjust.

    LVL 15

    Expert Comment

    My mistake I was not clear enough Many of the new router has this issu. I am not sure that belkin is one of them. However I would try a different router. Since it sound that your restriction is coming from the router. I have seen this problem with many other network.
    LVL 26

    Accepted Solution

    Do you have the firewall enabled on the router? The routers firewall is most likely blocking your VPN authentication protocols, had the same problem with a linksys wireless router.

    You can test it with the firewall disabled, if successfull then you can consider playing with the port forwarding options in the management console of the router. Sorry I don't have more details, as I am also still busy configuring the port forwarding for the VPN with firewall on the router enabled.

    Author Comment

    The Belkin Wireless/Router supports VPN pass through as I have successfully connected a another external VPN network. But willing to try turning of the firewall.


    Featured Post

    Threat Intelligence Starter Resources

    Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

    Join & Write a Comment

    Suggested Solutions

    Title # Comments Views Activity
    Monitoring LINUX with SCOM 2012 12 78
    UEFI Boot Issues 12 77
    Key Card and Motion Sensor 1 205
    AS400 Logging Print device 2 65
    Hello I read in a discussion about a person who configured a very simple mirror RAID with two hard drives; the system and data were on the same partition. He asked how to repair the system as it was not booting up anymore. In his case running …
    Sometimes a user will call me frantically, explaining that something has gone wrong and they have tried everything (read - they have messed it up more and now need someone to clean up) and it still does no good, can I help them?!  Usually the standa…
    This video is in connection to the article "The case of a missing mobile phone (". It will help one to understand clearly the steps to track a lost android phone.
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    746 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    13 Experts available now in Live!

    Get 1:1 Help Now