Re: ISA 2004 and Point-to-point private line ... complicated!
- From: "." <noemails@please>
- Date: Fri, 7 Apr 2006 11:23:28 -0400
Can I assume that the tracert from the ISA server to something on the remote
network does work? You said you added the route but you didn't say whether
it had been checked.
You said you had a private line to the remote office, yet the 201.150.65.18
IP address specified below is in fact pingable from the Internet.
Ray
"TRichards" <richards@xxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:OvXMOMlWGHA.1192@xxxxxxxxxxxxxxxxxxxxxxx
Ray,
Thanks for your response.
ipconfig/all on the remote hosts show the correct DNS Domain suffix
provided by DHCP set in the router.
I originally issued the following command on the ISA server:
route -p add 192.168.1.0 mask 255.255.255.0 201.150.65.18 metric 1
192.168.1.0 is the remote subnet, 201.150.65.18 is the corporate office
Cisco router GW.
Any ideas?
Thanks.
"." <noemails@please> wrote in message
news:uETVDrbWGHA.3332@xxxxxxxxxxxxxxxxxxxxxxx
Are you passing the default DNS Domain suffix by DHCP?
Does a tracert initiated from the ISA server to something in the remote
office get routed the correct way? If not, you'll need to add a
persistent static route on the ISA server to send that traffic to the
Cisco router on your end of the private line.
Ray
"TRichards" <richards@xxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:OicYpqOWGHA.4920@xxxxxxxxxxxxxxxxxxxxxxx
We have been running ISA 2004 SP1 here on our main corporate network
just fine. Remote office and other remote users in various geographical
locations use VPN connection to access corporate network. We recently
added a point-to-point private T1 between main corporate office and
largest remote office. Cisco 1841 routers terminate the P2P at both ends
and in turn, plug directly into switches. DHCP has been setup on the
remote office router with pointers back to corporate office DNS and
WINS.
Ipconfig on remote office hosts show all the correct IP, SM, GW, DNS and
WINS.
Remote office users can now directly connect to corporate file shares
and access Internet without a VPN connection.
Remote office user problems:
====================
Outlook without VPN can no longer connect to our Exchange server. Note:
Remote office hosts can ping exchange server by it's name.
Default http://intranet will not resolve, but they can connect to
Internet sites coming back through routers and out corporate ISA server.
Corporate servers behind ISA are SecureNAT with default GW pointing to
internal ISA NIC. (Is this the problem!?!?)
ISA external NIC GW points to ISP, ISA internal GW is blank.
Partial solutions:
===================
Created an access rule called 'P2P Access' that allows all OB, from:
Internal and Local host, to: Internal and Local host and all users
(recommended by M$ during $245 support call).
Added remote office subnet to Internal Networks on ISA.
Any help in this matter will be greatly appreciated. Thank You.
.
- Follow-Ups:
- Re: ISA 2004 and Point-to-point private line ... complicated!
- From: TRichards
- Re: ISA 2004 and Point-to-point private line ... complicated!
- References:
- Prev by Date: Re: ISA 2004 and Point-to-point private line ... complicated!
- Next by Date: Re: Advanced: netcache proxy server and winhttp component
- Previous by thread: Re: ISA 2004 and Point-to-point private line ... complicated!
- Next by thread: Re: ISA 2004 and Point-to-point private line ... complicated!
- Index(es):
Relevant Pages
|
