Re: ISA2004 VPN troubles



I run a certificate-based L2TP VPN using IAS (let's call it by its correct
name). RADIUS needs to be set up in 2 ways before it works:

1. The IAS server (if you are using a non-Microsoft RADIUS implementation,
then sorry, I can't help) has to be a member server of your domain, and
registered in Active Directory. When the IAS server has been registered you
need to set up a RADIUS client for your VPN authentication server (in this case
your ISA 2004 server). When you set up the RADIUS client on your IAS server you
will define a shared secret.

2. Because you are running ISA 2004 you will need to set up your RADIUS
authentication on your authentication server twice, once in the ISA management
console and once in RRAS itself. Make sure you have a rule set up to allow
RADIUS authentication from external to localhost and internal.

Setting up a VPN in this way is really complex (it took me over 2 weeks to
get it running correctly) and I used this document, which helped me no end:

http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/networking/rmotevpn.mspx#EEAA

Let me know how you get on.

"Faisal [MSFT]" wrote:

> Please do it as suggested by Daphne Levy, it looks like RADIUS issue.
>
> Thanks,
> Faisal
> "JanC" <JanC@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> news:E8F3DE77-8E5A-45DA-B089-578EDF985C58@xxxxxxxxxxxxxxxx
> > It's not a problem with the IAS / RADIUS. I have exactly the same problem
> > and I think the problem is that not all the ports are open or a group
> > rights problem.
> >
> > "Daphne Levy [MSFT]" wrote:
> >
> >> It looks like authentication against the RADIUS server fails. Try using
> >> the ISA log monitor to see if RADIUS packets are dropped, and look for
> >> relevant events in the RADIUS server itself (if the RADIUS server denies
> >> a request, it will probably log a relevant event).
> >>
> >> --
> >> Thanks,
> >> Daphne
> >>
> >> -----------------------------------------------------------------------------------------------
> >> This posting is provided "AS IS" with no warranties, and confers no
> >> rights.
> >>
> >> "MC" <seaedsit@xxxxxxxxxxx> wrote in message
> >> news:usfQLQ8VFHA.1508@xxxxxxxxxxxxxxxxxxxxxxx
> >> > When I try to connect to my ISA 2004 box via VPN (PPTP or L2TP) I
> >> > always get error 619 AFTER user authentication.
> >> > User authentication is performed via RADIUS. The ISA box is not a
> >> > member of the domain. IAS is installed on a DC. When I configure not
> >> > to use RADIUS, authentication works fine.
> >> >
> >> > Client is Windows XP SP2.
> >> >
> >> > Any ideas ?
> >> > Thanks
> >> > MC