Re: Two 2006 Questions

From: Larry Heimendinger <LarryHeimendinger@xxxxxxxxxxxxxxxxxxxxxxxxx>
Date: Fri, 28 Mar 2008 08:48:02 -0700

1. I am aware of the edge connector vs. VPN issue. The ISA server will be
an edge protector for the remote office, and the ISA server at the main
office and the remote office will each establish a VPN to the other allowing
all traffic to flow outward. That was never an issue.

2. Cabling. The Clearwire modem is plugged into the External facing NIC on
the ISA server. Internet connection established and working well. When I
unplug the existing DSL modem - there is only a patch cable to the internal
LAN switch - i simply plug the patch cable into the internal lan NIC on the
ISA server. No other cables are moved or altered.

3. I understand about the broadcasts. Won't DHCP advertisements also be
broadcasts? To wit, when issue IPCONFIG /RENEW command from a desktop, I can
see the DCHP attempts on the ISA monitor log being denied. They are headed
to 255.255.255.255 as well, it seems. Oh, to mention, I have DHCP set up in
system policy.

4. I am familiar with the ISA tutorials you listed, but there is not much
sense troubleshooting the VPN - which isn't ready to be hooked up yet - when
I can't get the internal LAN to work with DHCP.

5. This still leaves on the table my question about local machine log vs
domain log on for the remote ISA server. For a remote branch office with no
DC, how would the ISA server authenticate at start up? Do I have to lug the
remote file server to the main office to promote it to a DC first to get
local authentication? Doesn't seem like that is generally practical.

In conclusion, what has me stumped is not the VPN but the fact that the
W2003 machine on the internal network which has a static address is not
handing out leases to the other internal machines; it looks like ISA is
reporting failed to connect.

Thanks.
.

Follow-Ups:
- Re: Two 2006 Questions
  - From: Phillip Windell

References:
- Two 2006 Questions
  - From: Larry Heimendinger
- Re: Two 2006 Questions
  - From: Phillip Windell

Prev by Date: Re: Two 2006 Questions
Next by Date: Re: Two 2006 Questions
Previous by thread: Re: Two 2006 Questions
Next by thread: Re: Two 2006 Questions
Index(es):
- Date
- Thread

Relevant Pages

Internal Clients cant VPN to External VPN Server(s)
... We need to VPN to a number of our customers networks to ... but can't get internal VPN's to go thru the ISA server. ... External VPN clients can connect with PPTP to the ISA server without ... Surfing the internet, ftp etc from Internal clients to external, work ...
(microsoft.public.isa.vpn)
Re: Need to VPN from ISA to ISA
... You have to setup a Site-to-Site VPN with the two ISA Servers. ... the same thing as a user-initiated Remote Access VPN. ... Microsoft ISA Server Partners: Partner Hardware Solutions ...
(microsoft.public.isa)
Re: Allow OWA to VPN Branches
... User get to OWA directly by traversing the Cisco VPN boxes and do not ... Microsoft Internet Security & Acceleration Server: ... Microsoft ISA Server Partners: Partner Hardware Solutions ...
(microsoft.public.isa.vpn)
Re: VPN Upstream connection
... I am configuring a new ISA Server. ... local to remote vpn connections, and I'm not too sure of the answer. ... Local computer connects out through ISA via VPN to a remote computer ...
(microsoft.public.isa.configuration)
Problems with ISA 2004 VPN availability
... I have a problem with ISA Server 2004 VPN service. ... DLL files to display messages from a remote computer. ...
(microsoft.public.isa.vpn)