Avatar of ianmclachlan

asked on 

ISA 2004 - W2k3 .....VPN will not work.......at all

Hi Guys,

VPN with Radius authentication

Quick question :

1.  When configuring ISA VPN shouldn't RRAS get enabled and configured automatically by ISA.  If so, then this is my problem.  My RRAS doesn't appear to get enabled/configured.  Tried re-installing ISA, even the whole 2003 server due to a corrupt ghost image.  Still the same issue.

Have notice a couple of errors in the event log :

 a)  MSSQL$MSFW  Event id 19011   ....something about not enough registry info or use /AUXSOURCE=flag message dll.  - (Basically the SQL icon in the task bar is blank ie. no server/configuration details).  Thought this was something to do with logging, so have dismissed it as the cause of VPN not working.

b)  Got another error about how the NETWORK SERVICE account could not access/write to  the HKLM/system/current/service/remoteaccess/paramenters/IP section of the registry.  Fixed this by giving it the correct permissons.

Have re-installed, with different combinations(Reg edit then install, enable RRAS then install etc...) with the same results above.  Server is 2003 sp1 ISA 2004 sp1

I am positve that I have set it up properly (Radius, remote access policies  etc...)  In logging, can see the PTPP request coming in and it hitting the correct system rule - lafter a wee while looks as though it timesout and closes the connection.  Get 721 no respond at the client after it tries to authenticate the username/password.  Have tried basic VPN using RRAS for authentication.  Same problem.

Convinced its RRAS.

Anyone any ideas?



Software Firewalls

Avatar of undefined
Last Comment
Keith Alabaster
Avatar of Keith Alabaster
Keith Alabaster
Flag of United Kingdom of Great Britain and Northern Ireland image

Have you actually enabled the vpn within ISA?
Have you created the rules allowing VPN client --> Internal etc?
Are your users getting prompted for a username/password or is the timeout before this point?
Is your external router/firewall allowing GRE traffic to pass?
If you setup an IPSEC VPN instead, does this work OK?
Any update?
Avatar of ianmclachlan


Hi Keth,

Thanks for your reply.

I have enabled the VPN
The VPN system rule is automatically created when you enable VPN and I have checked its there and confirgured properly VPN Client (external going to internal) etc....
Router allows GRE traffic to pass
Not tried an IPSEC VPN yet, however, what was your thinking about why this would work?

Any help would be appreciated.



Avatar of Keith Alabaster
Keith Alabaster
Flag of United Kingdom of Great Britain and Northern Ireland image

Blurred text
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Software Firewalls
Software Firewalls

Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.

Top Experts
Get a personalized solution from industry experts
Ask the experts
Read over 600 more reviews


IBM logoIntel logoMicrosoft logoUbisoft logoSAP logo
Qualcomm logoCitrix Systems logoWorkday logoErnst & Young logo
High performer badgeUsers love us badge
LinkedIn logoFacebook logoX logoInstagram logoTikTok logoYouTube logo