Re: ISA 2004 and Point-to-point private line ... complicated!

Are you passing the default DNS Domain suffix by DHCP?

Does a tracert initiated from the ISA server to something in the remote
office get routed the correct way? If not, you'll need to add a persistent
static route on the ISA server to send that traffic to the Cisco router on
your end of the private line.

Ray

"TRichards" <richards@xxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:OicYpqOWGHA.4920@xxxxxxxxxxxxxxxxxxxxxxx
We have been running ISA 2004 SP1 here on our main corporate network just
fine. Remote office and other remote users in various geographical
locations use VPN connection to access corporate network. We recently
added a point-to-point private T1 between main corporate office and
largest remote office. Cisco 1841 routers terminate the P2P at both ends
and in turn, plug directly into switches. DHCP has been setup on the
remote office router with pointers back to corporate office DNS and WINS.

Ipconfig on remote office hosts show all the correct IP, SM, GW, DNS and
WINS.

Remote office users can now directly connect to corporate file shares and
access Internet without a VPN connection.

Remote office user problems:
====================
Outlook without VPN can no longer connect to our Exchange server. Note:
Remote office hosts can ping exchange server by it's name.
Default http://intranet will not resolve, but they can connect to Internet
sites coming back through routers and out corporate ISA server.

Corporate servers behind ISA are SecureNAT with default GW pointing to
internal ISA NIC. (Is this the problem!?!?)
ISA external NIC GW points to ISP, ISA internal GW is blank.


Partial solutions:
===================
Created an access rule called 'P2P Access' that allows all OB, from:
Internal and Local host, to: Internal and Local host and all users
(recommended by M$ during $245 support call).

Added remote office subnet to Internal Networks on ISA.

Any help in this matter will be greatly appreciated. Thank You.






.

Relevant Pages

  • Re: ISA 2004 and Point-to-point private line ... complicated!
    ... Remote site has Internet access through P2P then through ISA. ... Internet access and it has to come through the P2P. ... Does your remote office have any Internet access at all? ... Internet sites coming back through routers and out corporate ISA server. ...
    (microsoft.public.isa)
  • RE: ISA 2004 and the internet connection
    ... I understand the issue to be: Internet access became ... slow after you upgrade ISA 2000 to ISA 2004 for a month. ... Open the ISA Server management console, ... Microsoft CSS Online Newsgroup Support ...
    (microsoft.public.windows.server.sbs)
  • Re: Need to VPN from ISA to ISA
    ... You have to setup a Site-to-Site VPN with the two ISA Servers. ... the same thing as a user-initiated Remote Access VPN. ... Microsoft ISA Server Partners: Partner Hardware Solutions ...
    (microsoft.public.isa)
  • Re: cant ping gateway IP address
    ... Open ISA server, and find the "SBS Internet Access Rule", move it to the ... 'Microsoft Firewall' service. ...
    (microsoft.public.windows.server.sbs)
  • Re: Local computers cannot conect to the internet.
    ... Please run CEICW after you install ISA server. ... to configure the ISA to allow internal clients access Internet. ... Ensure client computer join SBS domain thru connectcomputer wizard. ...
    (microsoft.public.windows.server.sbs)
Loading