Re: Disable PPTP VPN rules makes no difference!

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

From: Danny (d_codling_at_hotmail.com)
Date: 06/03/04

• Next message: Jim Harrison [MSFT]: "Re: Services using the same port restarting ISA"
• Previous message: Billy K: "routing rules"
• In reply to: A Klimkin: "Re: Disable PPTP VPN rules makes no difference!"
• Next in thread: Phillip Windell: "Re: Disable PPTP VPN rules makes no difference!"
• Reply: Phillip Windell: "Re: Disable PPTP VPN rules makes no difference!"
• Messages sorted by: [ date ] [ thread ]

---

Date: 3 Jun 2004 08:50:31 -0700

I have an ISA server installed in firewall mode a client that is not
listed in the LAT. I can still establish a PPTP (haven't tried L2TP)
VPN connection to the ISA server, even though I've A) disabled the
PPTP packet filter rules and B) gone on to disable the entire ISA
Services.

Basically I discovered that disabling the PPTP rules in ISA Server
made no difference what so ever, so I began testing

"A Klimkin" <aklimkin at mail dot ru> wrote in message news:<ee3XpNUSEHA.3988@tk2msftngp13.phx.gbl>...
> What VPN connections do you talking about? Outbound or inbound, PPTP or
> L2TP? What is your network configuration - do you have your ISA server
> installed side-by-side with another hardware firewall or do you have a
> back-to-back configuration in place? What is your clients configuration -
> SecureNAT of firewall, or maybe both?
>
> "Danny" <d_codling@hotmail.com> wrote in message
> news:b3587fea.0406030011.156fb2ce@posting.google.com...
> > Hi All,
> >
> > I've just noticed that when I disable all of the four rules created by
> > the 'allow VPN connections' wizard in ISA server 2000, I can still
> > establish VPN connections....this doesn't seem logical to me, can
> > anyone explain.
> >
> > My understanding now is that I can ditch ISA Server and just establish
> > VPN connections using RRAS - saving our company some money! (we have a
> > hardware based firewall in place also)

---

• Next message: Jim Harrison [MSFT]: "Re: Services using the same port restarting ISA"
• Previous message: Billy K: "routing rules"
• In reply to: A Klimkin: "Re: Disable PPTP VPN rules makes no difference!"
• Next in thread: Phillip Windell: "Re: Disable PPTP VPN rules makes no difference!"
• Reply: Phillip Windell: "Re: Disable PPTP VPN rules makes no difference!"
• Messages sorted by: [ date ] [ thread ]

---

Relevant Pages Re: CEICW fails - several errors ... The firewall isn't used when ISA is installed. ... On the WAN NIC of your server the DNS has to point to the LAN IP. ... I immediately checked and ISA Server ... (microsoft.public.windows.server.sbs) RE: ISA2004 client firewall slow webpage loading ... have you configured this new client as web proxy client? ... configure ISA server as your Proxy ... stop the Microsoft Firewall service. ... (microsoft.public.windows.server.sbs) Re: CEICW fails - several errors ... On the WAN NIC of your server the DNS has to point to the LAN IP. ... Ethernet adapter Internet Connection: ... I immediately checked and ISA Server ... Management said that Web Proxy, Firewall and ... (microsoft.public.windows.server.sbs) ISA Spoofing Issue Using Second Firewall with One to One NAT ... Two tier firewall implementation segmenting the Internet, ... ISA Server configured with packet filters ... facing firewall's one to one NAT are seen as a spoof by ISA. ... (NT-Bugtraq) RE: [fw-wiz] Strange setup ... I have done similar designs with a Cisco PIX and ISA server. ... configure the firewall to only a allow traffic on ports 80 and 443 from ... the ISA server is on the internal network and a static NAT ... > Internet hosts). ... (Firewall-Wizards)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > ISA  > microsoft.public.isa  > 2004-06