We help IT Professionals succeed at work.

VPN using Smoothwall, ISA 2006 and Server 2003

EdMacFly
EdMacFly asked
on
I'm attempting to configure my company network to allow our external sales force to connect to our internal server via VPN. I have read various tutorials but am still not sure the best way to do this. The network setup we have here is as below:

EXTERNAL LAPTOP -> {INTERNET} -> SMOOTHWALL -> ISA 2006 -> SERVER 2003

Do I need to configure both the ISA box and the Server to accept VPN connections?

Has anyone got any links to some in depth tutorials for setting up a VPN connection with similar structure to mine?

Should the Smoothwall firewall just forward the connection through? What ports would it need open?

Sorry for all the questions, hope someone can shed some light.

TIA
Comment
Watch Question

IF ISA Server do have use external IP (or not placed to DMZ zone), you need to setup your SMOOTHWALL AND ISA.
ON SMOOTHWALL you need forward ports:
PPTP  - Port 1723 Type TCP (if you like use PPTP connection)
IPSEC : Port 500 Type UDP (if L2TP)
And enable passthrough of GRE protocol

On ISA use master for new VPN connection - it is very easy.
You could consider to use pfsense instead of smoothwall and anyway try to exlude PPTP connection and use IPsec only VPN

Author

Commented:
als315 - the smoothwall box has the external IP assigned to it so all attempted connections will hit that first.

How do I use master for new VPN connections?

Thanks for the replies.
If all necessary ports are forwarded to ISA, go to ISA Management, open server, find Virtual Private Networks (VPN)) and on the right side (Tasks) will be asters with some steps.

Author

Commented:
Managed to get this working but with some outstanding issues that I will leave for another question. My solution was to download an addon that allows for all of the ports mentioned in the first post to be correctly forwarded.