corpdsinc
Can't RDP into servers after connecting to PPTP
We have a small business essential server. Our security server, which has RAS running on it, allows PPTP connections; however, after you connect and get an IP you can't ping or RDP to any of the servers or workstations on the LAN. Is this a rule on the Forefront management?
My condolences on your purchase of EBS, at least you will get a free upgrade soon to break it apart and de-mystify it. There are a number of tweaks you will want to do to make it work, have a look at my collection here: http://www.tek-tips.com/viewthread.cfm?qid=1477396&page=1
Regards,
Mark
Sounds like you need a PHD in VooDoo to deploy EBS.
I was among the first 3000 people in the US to get certified in it and can tell you the product just wasn't ready for prime time. I work for a MS Gold Certified Partner and we deployed the first production install of the RTM code worldwide and had lots of problems working with it. My notes referenced above are from working directly with the MS product team.
The good news is that MS realized their mistake and has killed the product. People that purchased EBS will get a free upgrade pack in the coming months (June or July I believe). They will get standalone media that will let them break apart the servers and do away with TMG if they want.
The bad news is that MS wasn't sharp enough to see those mistakes before they made them.
I think if someone dropped TMG that would be a bad thing, it is an excellent product, it just takes someone knowing what they are doing with it. People used to ISA could probably deal with TMG with their eyes closed.
But splitting the product components into separate machines is a good thing... a very good thing.
ASKER
Thanks guys. So...what firewall rule do I need to add to allow VPN traffic...sorry I am definitely not a Forefront expert.
I gave you the Rule specs in my first post.
Did you implement the TMG tweaks I pointed you to?
ASKER
Thanks for all of your help with this. I am going to make the firewall change now. Question though, every time I apply a new rule to Forefront TMG the entire network disconnects and the server has to be hard / power cycled. Is this a known issue?
thanks
ASKER CERTIFIED SOLUTION
In TMG you need an access rule such as:
From: "VPN Users Network"
To: "Internal" (or a specific Computer Object)
Protocols: <whatever is needed>
Users: <whatever is needed>