RRAS Internal Interface Not Available / Non-Operational
I have a Isa 2006 Enterprise Edition instaled on Windows 2003 Sp1, with RRAS instaled.
At this moment i have all VPN´s down because the RRAS is with internal network unavailable and the user can´t authenticated with the DC´s.
And i don´t know why this hapens no core changes or configurations was made.
Anybody can point some directions to solve this problem.
The cache is also unavailable on this server.
Regards
At this moment i have all VPN´s down because the RRAS is with internal network unavailable and the user can´t authenticated with the DC´s.
And i don´t know why this hapens no core changes or configurations was made.
Anybody can point some directions to solve this problem.
The cache is also unavailable on this server.
Regards
ASKER
Thats odd because i have the isa servers with RRAS installed on both server´s and the both work well, until now.
ASKER
Wright now i have the isa services up except the remote access service, because if this service is up the vpn user´s receive a message of windows authentication failure.
And on the routing and remote access server the ip routing > general view my internal interface still have the operational status of non operational and ip not available.
Hope this help some body to point me on some directions.
Thank you
And on the routing and remote access server the ip routing > general view my internal interface still have the operational status of non operational and ip not available.
Hope this help some body to point me on some directions.
Thank you
In ISA, you need to make sure the networks are correctly configured as external, internal and localhost - then apply the proper trust to each. Access rules and server publishing will be necessary to get everything talking.
You can use ISA's monitoring to see what is being blocked and why.
You can use ISA's monitoring to see what is being blocked and why.
ASKER
Thank you Netman for your help, everything has the proper trust.
The one thing that is not working well is VPN access thru my isa02 and i believe the problem is on my rras server, i already try to everything and search on internet for the resolution and nothing.
When the user´s access to the vpn thru isa01 (this work fine) they gain a ip adress from the range address define on the static address pool on ras server.
The only difference between this two is the status of internal interface define on ip routing - > General of the RRAS server
I will attach a file with my RRas print screen of my ras server on ISA01 and ISA02 for your appreciation.
ISA01.bmp
ISA02.bmp
The one thing that is not working well is VPN access thru my isa02 and i believe the problem is on my rras server, i already try to everything and search on internet for the resolution and nothing.
When the user´s access to the vpn thru isa01 (this work fine) they gain a ip adress from the range address define on the static address pool on ras server.
The only difference between this two is the status of internal interface define on ip routing - > General of the RRAS server
I will attach a file with my RRas print screen of my ras server on ISA01 and ISA02 for your appreciation.
ISA01.bmp
ISA02.bmp
Is there a link light on that NIC? Could there be an issue with the switch port it's attached to or maybe even the patch cable?
Can you give me an IPCONFIG /all from Server 2?
Can you give me an IPCONFIG /all from Server 2?
ASKER
Do you need to see the IP´s config?
The diference between IPCONFIG /all from 01 and 02 is on 01 i have PPPadapter RAS server (Dial In) Interface and on 02 i dont.
The diference between IPCONFIG /all from 01 and 02 is on 01 i have PPPadapter RAS server (Dial In) Interface and on 02 i dont.
ASKER
If i force the VPN connection to with RRAS server on ISA02 i receive an error message with the code 691 you don´t have permissions to dial in.
But if i go with RRAS server Isa01 i succeed with no error´s.
All my VPN user´s have permissions to dial in maybe my ISA02 are denied something, anu sugestions?.
But if i go with RRAS server Isa01 i succeed with no error´s.
All my VPN user´s have permissions to dial in maybe my ISA02 are denied something, anu sugestions?.
ASKER
On my RRAS Server in ISA 01 have remote policies on the RRAS Server in ISA02 dont.
Why they disappear?
Why they disappear?
No idea.
ASKER
When i try to create the policies RRAS give me unspecified error when i finish the rule.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ISA installs competely locked down, so you'll need to setup some rules and publish the VPN server so that the external interface can route VPN requests to the server.
Check this site: www.isaserver.org for tutorials and articles on how to set this up.