Re: Site to Site works one way!

Have you found a solution to this issue yet? I am having the same issue
with a new SonicWall TZ170 site-to-site......I am able to see remote network
resources from hosts behind ISA, but not from ISA itself.......my branch
office can also reach resources behind ISA..I have spent nearly 3 full days
and lots of suport time trying to resolve this....here is an article I came
across that refers to D-Link VPN's

http://www.isaserver.org/articles/2004isadlink.html



"David Lozzi" <dlozzi@xxxxxxxxxxxxx> wrote in message
news:%23Wc%23YqMtGHA.372@xxxxxxxxxxxxxxxxxxxxxxx
Howdy,

Here's my scenario:

sbs2003pre w/ isa 2004 -- dlink router -- internet -- dlink router --
win2003 w/ isa 2004

Both servers are in the DMZ of each router. The dlinks are there because
these ISA networks are secondary networks. I followed the following link
to
setup the VPN between the two servers:

http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/sitetositevpn.mspx

In addition, i added two firewall polices to each ISA box: From remote
network to internal and local and from internal and local to remote
network,
all protocols. The remote sites are setup as follows:

Address range: internal of each. both different ips (10.0.25.0 and
192.168.7.0)
Each has the external IP address of the other server specified. The ISP's
IP.
Local VPN Gateway IP Address specifies the external ip of isa
(192.168.1.20
and 10.7.7.150 respectively)
IPSEC Settings (from top to bottom)
Phase I tab
3DES
MD5
Group 2
28800
Phase II Tab
3DES
MD5
Generate key every 3600 seconds
Use PFS is checked
Group 2
Authentication is pre-shared key, both the same key

This was working great for quite some time. I went on vacation, came back
and now my remote server is not seeing the SBS server. When i ping the SBS
from the remote server I get Negotiating Security repeatedly. If I ping
the remote server from SBS I get a reply. If I ping the SBS server from a
workstation on the remote network, I will get a few time outs and a few
replies. Its very sporatic. My workstation has Outlook 2003 to connect to
the SBS server and it keeps losing and restoring connections. I've
rebooted the workstation and remote server and restarted ISA Control
service on the SBS server. If I turn on monitoring in ISA on the remote
server and try to access resources on the SBS server from my workstation,
it shows the traffic as initiated and closed, no denies...

Any ideas or suggestions?


--
David Lozzi
dlozzi@(remove)delphi-ts.com
www.delphi-ts.com





.

Relevant Pages

  • Re: ISA 2006 configuration question - multiple VLANs and domains
    ... very familiar with network segments vs. domains et. al. ... multihomed ISA 2006 server forward a DHCP request to the proper VLAN ... ISA is a Firewall Product designed to protect a network from the Internet. ...
    (microsoft.public.isa.configuration)
  • RE: Poor XP network performance 2003 LAN
    ... We have 3 meg bonded T1 in Corp office and the network is as follows, ... when I remote VPN into the LAN I can ... pull data from shared drive on the server or shared folders on PC's. ... However if I setup a Linux or Mac OSX ...
    (microsoft.public.windows.server.general)
  • RE: Firewall service and remoteaccess service shut down frequently
    ... Do you have run the CEICW after installing the ISA components? ... please open SBS server management console, ... Click the Add Adapter button, and add your internal network adapter ... Meanwhile, from the subject, you said you the firewall service and RRAS ...
    (microsoft.public.windows.server.sbs)
  • Can Not connect to IPC$ Share while processing a CCR
    ... CCM log shows the SMS server successfully connecting to the Admin$ share, but the attempt to connect to the IPC$ shares of these systems fails with an error 5. ... Logical Disk Manager Administrative Service ... Network Associates Task Manager ... Remote Access Auto Connection Manager ...
    (microsoft.public.sms.setup)
  • Re: VPN breaks after installing patches
    ... I have just received your email due to some network traffic problems. ... access the network shares was denied by ISA Server. ... Open the Server management console, navigate to "Internet and E-mail", ...
    (microsoft.public.windows.server.sbs)
Loading