Solved

Cannot add server to valid remote access servers in AD

Posted on 2009-05-03
10
4,737 Views
Last Modified: 2012-06-22
Hello,

I am attempting to setup a VPN server but are running into difficulties. I have setup ISA 2006 Enterprise Edition on Server 2003 but when I attempt to Enable VPN Client Access from the tasks tab, I receive this warning:

"One or more computers in this array cannot be added to the list of valid remote access servers in Active Directory. Before a computer can be used as a remote access server, the domain administrator must complete this task."

Our DC is Windows Server 2008. I have looked in AD but I cannot find the location where I should be adding this server.

Can anyone assist please?

Cheers
Pete
0
Comment
Question by:Pete_Zed
  • 5
  • 4
10 Comments
 
LVL 14

Expert Comment

by:Raj-GT
ID: 24302563
Is your ISA Server a domain member and do you have File and Print Sharing enabled in the Internal interface of ISA?
0
 
LVL 8

Author Comment

by:Pete_Zed
ID: 24302577
Yes it is a domain member and yes file and print sharing is enabled.
0
 
LVL 14

Expert Comment

by:Raj-GT
ID: 24302689
You should have a group called "RAS and IAS Servers" in your AD. Adding the ISA server to this group should do the trick.
0
 
LVL 8

Author Comment

by:Pete_Zed
ID: 24308504
Unfortunately no, it didn't work. I have also tried to reboot thinking that it may have kicked into life once a reboot was performed. Still the same message.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 14

Expert Comment

by:Raj-GT
ID: 24309463
Did you install ISA using a domain admin account? As far as I know, ISA should've added itself to the group during the install.

Check and see if you have all the updates installed for ISA and Server 2003 host. If that's the case, I would suggest you flatten and rebuild the ISA Server on a basic Server 2003 install if at all possible.
0
 
LVL 8

Author Comment

by:Pete_Zed
ID: 24310798
Yep, I used the domain admin account. I thought I might have to start again. It seemed that I was the only person having this problem. I will let you know how I get on.
0
 
LVL 8

Author Comment

by:Pete_Zed
ID: 24319249
I have rebuilt the server from scratch and the problem still persists. Do I need to setup any firewall policy rules to allow contact to a DC to allow the ISA server to talk to it correctly?
0
 
LVL 8

Accepted Solution

by:
Pete_Zed earned 0 total points
ID: 24321921
The solution is to remove the external DNS entries from the external NIC IP configuration. It seems that ISA was looking through the external NIC for AD rather than the internal network - weird.
0
 
LVL 14

Expert Comment

by:Raj-GT
ID: 24322560
We learn something new everyday :-)

When configuring interfaces in ISA, you shouldn't enter any DNS entries on the externl NIC. Use the internal NIC and always use the internal DNS servers for resolution. Also make sure the external NIC is the only NIC with a default gateway entry and uncheck "Client for Microsoft Networks" and "File and Print sharing" from it.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Like many others, when I created a Windows 2008 RRAS VPN server, I connected via PPTP, and still do, but there are problems that can arise from solely using PPTP.  One particular problem was that the CFO of the company used a Virgin Broadband Wirele…
Forefront Threat Management Gateway 2010 or FTMG comes with some very neat troubleshooting tools built-in when trying to identify what is actually happening behind the scenes within the product when traffic is passing through its interfaces. To the …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

912 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now