Solved

RRAS Internal Interface Not Available / Non-Operational

Posted on 2009-05-10
14
2,859 Views
Last Modified: 2012-08-14
I have a Isa 2006 Enterprise Edition instaled on Windows 2003 Sp1, with RRAS instaled.

At this moment i have all VPN´s down because the RRAS is with internal network unavailable and the user can´t authenticated with the DC´s.
And i don´t know why this hapens no core changes or configurations was made.
Anybody can point some directions to solve this problem.
The cache is also unavailable on this server.

Regards
0
Comment
Question by:David Paris Vicente
  • 8
  • 4
14 Comments
 
LVL 51

Expert Comment

by:Netman66
ID: 24357754
For starters, you use either RRAS or ISA - not both.

ISA installs competely locked down, so you'll need to setup some rules and publish the VPN server so that the external interface can route VPN requests to the server.

Check this site:  www.isaserver.org for tutorials and articles on how to set this up.

0
 
LVL 12

Author Comment

by:David Paris Vicente
ID: 24362396
Thats odd because i have the isa servers with RRAS installed on both server´s and the both work well, until now.
0
 
LVL 12

Author Comment

by:David Paris Vicente
ID: 24368348
Wright now i have the isa services up except the remote access service, because if this service is up the vpn user´s receive a message of windows authentication failure.
And on the routing and remote access server the ip routing > general view my internal interface still have the operational status of non operational and ip not available.
Hope this help some body to point me on some directions.
Thank you
0
 
LVL 51

Expert Comment

by:Netman66
ID: 24370638
In ISA, you need to make sure the networks are correctly configured as external, internal and localhost - then apply the proper trust to each.  Access rules and server publishing will be necessary to get everything talking.

You can use ISA's monitoring to see what is being blocked and why.

0
 
LVL 12

Author Comment

by:David Paris Vicente
ID: 24383373
Thank you Netman for your help, everything has the proper trust.
The one thing that is not working well is VPN access thru my isa02 and i believe the problem is on my rras server, i already try to everything and search on internet for the resolution and nothing.
When the user´s access to the vpn thru isa01 (this work fine) they gain a ip adress  from the range address define on the static address pool on ras server.
The only difference between this two is the status of internal interface define on ip routing - > General of the RRAS server
I will attach a file with my RRas print screen of my ras server on ISA01 and ISA02 for your appreciation.
 

ISA01.bmp
ISA02.bmp
0
 
LVL 51

Expert Comment

by:Netman66
ID: 24383474
Is there a link light on that NIC?  Could there be an issue with the switch port it's attached to or maybe even the patch cable?

Can you give me an IPCONFIG /all from Server 2?

0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 12

Author Comment

by:David Paris Vicente
ID: 24383679
Do you need to see the IP´s config?
The diference between IPCONFIG /all from 01 and 02 is on 01 i have PPPadapter RAS server (Dial In) Interface and on 02 i dont.
0
 
LVL 12

Author Comment

by:David Paris Vicente
ID: 24387315
If i force the VPN connection to with RRAS server on ISA02 i receive an error message with the code 691 you don´t have permissions to dial in.
But if i go with RRAS server Isa01 i succeed with no error´s.
All my VPN user´s have permissions to dial in maybe my ISA02 are denied something, anu sugestions?.
0
 
LVL 12

Author Comment

by:David Paris Vicente
ID: 24387344
On my RRAS Server in ISA 01 have remote policies on the RRAS Server in ISA02 dont.
Why they disappear?
0
 
LVL 51

Expert Comment

by:Netman66
ID: 24387375
No idea.

0
 
LVL 12

Author Comment

by:David Paris Vicente
ID: 24388373
When i try to create the policies RRAS give me unspecified error when i finish the rule.
0
 
LVL 12

Accepted Solution

by:
David Paris Vicente earned 0 total points
ID: 24394174
Problem solved.
Thanks for your help netman.
The solution was copy IAS.mdb
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

I've written this article to illustrate how we can implement a Dynamic Multipoint VPN (DMVPN) with both hub and spokes having a dynamically assigned non-broadcast multiple-access (NBMA) network IP (public IP). Here is the basic setup of DMVPN Pha…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now