asked on
ASA5510 and ISA 2006
Hi all,
Currently we have a PIX515 as our Internet Edge FW connecting to an ISA 2006 server. We also have remote VPN users who use Windows Dial-Up networking (PPTP) terminating on the PIX. Now we need to replace the PIX with an ASA5510. As this cutover needs to be transparent to the VPN users we will need to terminate the VPN connections on the ISA as the ASA does not support PPTP.
Any suggestions on the best way to allow the passthrough to the ISA server and is there any other stumbling blocks that would be in my way when I replace the PIX with the ASA?
Currently we have a PIX515 as our Internet Edge FW connecting to an ISA 2006 server. We also have remote VPN users who use Windows Dial-Up networking (PPTP) terminating on the PIX. Now we need to replace the PIX with an ASA5510. As this cutover needs to be transparent to the VPN users we will need to terminate the VPN connections on the ISA as the ASA does not support PPTP.
Any suggestions on the best way to allow the passthrough to the ISA server and is there any other stumbling blocks that would be in my way when I replace the PIX with the ASA?
CiscoMicrosoft Forefront ISA ServerVPN
Last Comment
Ernie Beek
ASKER CERTIFIED SOLUTION
Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
If I remember correctly that should only be necessary for outgoing connections. On the other hand, it wouldn't hurt to try.
I'm not an ISA guru, but this might help you, though it's for 2004: http://technet.microsoft.com/nl-nl/library/cc713329(en-us).aspx
If we're lucky, keith_alabaster might drop by (that's the man from I.S.A. :)
I'm not an ISA guru, but this might help you, though it's for 2004: http://technet.microsoft.com/nl-nl/library/cc713329(en-us).aspx
If we're lucky, keith_alabaster might drop by (that's the man from I.S.A. :)
ASKER
Thanks erniebeek.
Your help has saved me hundreds of hours of internet surfing.
fblack61
Thank you (for the points as well), glad I could help.
Would I need to include an inspect PPTP command?
Also, any ideas on the VPN server config on the ISA?