Solved

ISA 2006 VPN Connection

Posted on 2010-09-06
10
423 Views
Last Modified: 2012-05-10
I've set-up a VPN connection using ISAs wizards and have managed to connect my laptop to the VPN and obtain an IP address via DHCP. I cannot however access any machines on the internal network nor has the DHCP given out the correct default gateway of the internal network, IPCONFIG shows default gateway as 0.0.0.0. Any ideas what could be wrong?
0
Comment
Question by:EdMacFly
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
10 Comments
 

Author Comment

by:EdMacFly
ID: 33610313
As a further note, the machine that is connecting is a Windows 7 machine. Also, within the ISA Alerts, it appears that the VPN connection has triggered an IP spoofing warning.
0
 
LVL 7

Expert Comment

by:Mohamed Khairy
ID: 33610518
Did you create the firewall policy that enable the communication from VPN network to Internal network?

Also, Go to networking and tell me what is the network rule relation on the VPN network rule.


VPN-Policy.jpg
VPN-NETWork.jpg
0
 

Author Comment

by:EdMacFly
ID: 33610605
Both the rule and policy look the same as your screenshots.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 7

Expert Comment

by:Mohamed Khairy
ID: 33610737
Ok, make confirm that you can ping the internal network from the localhost.

Also, try to change the DHCP option on the ISA server to be taken from static address range.

0
 

Author Comment

by:EdMacFly
ID: 33610786
I cannot ping from the VPN client. Should I try setting a static address or has that revealed the problem?
0
 
LVL 6

Accepted Solution

by:
Hisham_Elkouha earned 500 total points
ID: 33610818
try creating a new rule that allow connection from VPN clients and Local host to Internal Network
0
 

Author Comment

by:EdMacFly
ID: 33610952
That's done it! Excellent. After connecting I could ping the ISA box using it's name but I could not ping the DC using it's name nor could I connect to it without using it's IP address. Any idea why that information is not getting through?
0
 
LVL 7

Expert Comment

by:Mohamed Khairy
ID: 33610967
I can see from the previous steps that the error may be in the DHCP, you said that you can successfuly taking an Ip address from the DHCP and the error in the default gateway so we can make one more check on the DHCP options as follow:

Go to the DHCP and open the scope that you were assigned before to the VPN users and check the scope option for router ( optionn 003 ) and make confirm that the correct GW is available.

0
 
LVL 7

Expert Comment

by:Mohamed Khairy
ID: 33610975
Also check the DNS setting on the DHCP scope options.
0
 

Author Comment

by:EdMacFly
ID: 33611013
Right! I've checked those points and everything seems fine. I can now access internal resources so that is good and have also found that I can make an rdp connection to the DC using it's FQDN rather than just it's name which is fine.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Forefront Threat Management Gateway 2010 or FTMG comes with some very neat troubleshooting tools built-in when trying to identify what is actually happening behind the scenes within the product when traffic is passing through its interfaces. To the …
There are several problems reported according slow link speeds or poor performance in TMG 2010, UAG 2010 or ISA 2006. I want to collect here some of the common issues together to give a brief overview what can be the reason. Nevertheless, not all of…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question