Re: VPN Setup Q

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

From: Brian (nospam_at_nospam.com)
Date: 08/06/04

• Next message: Ankit Mittal [MSFT]: "Re: NAT problems"
• Previous message: David D.: "Re: VPN - client connecting via dialup, not from broadband connect"
• In reply to: Feng Mao: "Re: VPN Setup Q"
• Next in thread: Feng Mao: "Re: VPN Setup Q"
• Reply: Feng Mao: "Re: VPN Setup Q"
• Messages sorted by: [ date ] [ thread ]

---

Date: Fri, 6 Aug 2004 09:07:38 -0500

The "Main Office" is not running ISA. The firewall is the one that is
built-in to the router (Linksys BEFSR41).

The "Branch Office" is running Tiny Firewall 6.0. (I *think* I figured out
this one, but I'm not positive yet).

--Brian

"Feng Mao" <fengmao@online.microsoft.com> wrote in message
news:LVUaoQ6eEHA.740@cpmsftngxa06.phx.gbl...
> Hi Brian,
>
> Thank you for posting!
>
> May I know what kind of firewall server you are using. If you are using
ISA
> 2004 as the firewall server, I believe the below article in Microsoft
> knowledge base will be helpful.
>
> 837355 How to configure a VPN server by using Internet Security and
> http://support.microsoft.com/?id=837355
>
> In ISA 2004 ISA Server Management, you can greate a VPN access rule as
> Firewall Policy. You can leave the "All outbound protocols" option
selected
> in the "This rule applies to" list, and then click "Next". Note You can
> control the protocols that the VPN clients use by modifying the access
rule
> after you create it.
>
> Have a nice day!
>
> Thanks & Regards,
>
> Feng Mao [MSFT], MCSE
> Microsoft Online Partner Support
>
> Get Secure! - www.microsoft.com/security
>
> =====================================================
> When responding to posts, please "Reply to Group" via your newsreader so
> that others may learn and benefit from your issue.
> =====================================================
> This posting is provided "AS IS" with no warranties, and confers no
rights.
>
>
>
> --------------------
> | From: "Brian" <nospam@nospam.com>
> | References: <ekQYGgveEHA.3536@TK2MSFTNGP12.phx.gbl>
> <u1UudRweEHA.1656@TK2MSFTNGP09.phx.gbl>
> | Subject: Re: VPN Setup Q
> | Date: Thu, 5 Aug 2004 11:15:38 -0500
> | Lines: 92
> | X-Priority: 3
> | X-MSMail-Priority: Normal
> | X-Newsreader: Microsoft Outlook Express 6.00.2800.1437
> | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1441
> | Message-ID: <uRtbzdweEHA.3612@TK2MSFTNGP12.phx.gbl>
> | Newsgroups: microsoft.public.win2000.ras_routing
> | NNTP-Posting-Host: www.taxrfnd.com 12.15.58.45
> | Path:
>
cpmsftngxa06.phx.gbl!cpmsftngxa10.phx.gbl!TK2MSFTFEED01.phx.gbl!TK2MSFTNGP08
> phx.gbl!TK2MSFTNGP12.phx.gbl
> | Xref: cpmsftngxa06.phx.gbl microsoft.public.win2000.ras_routing:13799
> | X-Tomcat-NG: microsoft.public.win2000.ras_routing
> |
> | I've played around with most of this but I *think* that my problem is
with
> | either the firewall software on the server at the Branch Office or with
> the
> | DSL Router at the Main Office.
> |
> | When I try to connect from the Branch Office, I get the message that the
> | remote side isn't responding.
> |
> | Any ideas?
> |
> | --Brian
> |
> | "Robert L [MS-MVP]" <noreply@hotmail.com> wrote in message
> | news:u1UudRweEHA.1656@TK2MSFTNGP09.phx.gbl...
> | > this may help. quoted form http://www.ChicagoTech.net
> | >
> | > How to Setup A Site-to-Site VPN Connection
> | >
> | > To setup a Site-to-Site VPN Connection , you may need to configure two
> | > windows servers for the Answering and Calling Routers. Here are the
> steps:
> | >
> | > 1. Run RRAS, on Configuration page, select LAN routing.
> | > 2. Configure VPN on the Answering Router.
> | > 3. Configure the Demand-dial Interface on the Answering Router.
> | > 4. Configure VPN on the Calling Router.
> | > 5. Configure the Demand-dial Interface on the Calling Router.
> | > 6. Confirm the Remote Access Policy Configuration on the Answering and
> | > Calling Routers.
> | >
> | >
> | > --
> | > For more and other information, go to http://www.ChicagoTech.net
> | >
> | > Don't send e-mail or reply to me except you need consulting services.
> | > Posting on MS newsgroup will benefit all readers and you may get more
> | help.
> | >
> | > Robert Lin, MS-MVP, MCSE & CNE
> | > Networking, Internet, Routing, VPN, Anti-Virus, Tips & Troubleshooting
> on
> | > http://www.ChicagoTech.net
> | > This posting is provided "AS IS" with no warranties.
> | >
> | > "Brian" <nospam@nospam.com> wrote in message
> | > news:ekQYGgveEHA.3536@TK2MSFTNGP12.phx.gbl...
> | > >I need just a simple VPN connection between two sites.
> | > > Is there an easy to follow walk-through somewhere that tells how to
> | setup
> | > > just a simple VPN like I need?
> | > >
> | > > Here's what I have and need to do:
> | > >
> | > > Main Office
> | > > ------------
> | > > Windows Server 2003
> | > > Exchange Server 2003
> | > > Active Domain
> | > > Internet Connection: DSL through DSL Router. DSL currently setup to
> | > > forward
> | > > ports for http, e-mail, etc to the Win2003Server.
> | > >
> | > > Branch Office
> | > > --------------
> | > > Windows Server 2003
> | > > Workgroup (unable to use AD for a reason)
> | > > Internet Connection: DSL. No separate router. DSL into NIC1 on
> | WinSrv03.
> | > > NIC2 to LAN.
> | > > WinSrv03 has RRAS setup for NAT to allow users access to the
internet.
> | > >
> | > > Here's what I need to accomplish:
> | > > ----------------------------------
> | > > All I need is to have the 5 users at the Branch Office be able to
> access
> | > > the
> | > > Exchange Server located on the Main Office network as if they were
> | > > physically connected.
> | > >
> | > > I do not have much experience with VPNs and have had a hard time
> trying
> | to
> | > > find an easy to follow guide to set something like this up. I don't
> | have
> | > > the free time to sit down and spend several hours learning
everything
> | > > about
> | > > remote access. I need to get this setup *now*.
> | > >
> | > > Can anyone point me in the right direction?
> | > >
> | > > --Brian
> | > >
> | > >
> | >
> | >
> |
> |
> |
>

---

• Next message: Ankit Mittal [MSFT]: "Re: NAT problems"
• Previous message: David D.: "Re: VPN - client connecting via dialup, not from broadband connect"
• In reply to: Feng Mao: "Re: VPN Setup Q"
• Next in thread: Feng Mao: "Re: VPN Setup Q"
• Reply: Feng Mao: "Re: VPN Setup Q"
• Messages sorted by: [ date ] [ thread ]

---

Relevant Pages RE: OWA page not displayed Outside ... Open the ISA Server management console, ... On the ISA Server computer, stop the Microsoft Firewall service. ... (microsoft.public.windows.server.sbs) RE: OWA page not displayed Outside ... Open the ISA Server management console, ... On the ISA Server computer, stop the Microsoft Firewall service. ... (microsoft.public.windows.server.sbs) RE: OWA page not displayed Outside ... Open ISA 2006 management console. ... Expand the server node and highlight 'Monitoring'. ... Click 'Configure Firewall Logging'. ... |> internal client as both the web proxy client and firewall client? ... (microsoft.public.windows.server.sbs) Re: Using ISA and Exchange together ... In this scenario, IMHO, the router shouldn't be doing anything other than routing traffic. ... kind of unusual that your router and firewall are two different hardware devices, but none the less...I would remove ISA and the second nic, and let your firewall do it all. ... Otherwise you might want to keep ISA so you can have that functionality...and then I would remove the hardware firewall. ... traffic will be proxied by the ISA server. ... (microsoft.public.windows.server.sbs) Re: loss of SOME connectivity ... I "think" it is DNS. ... Yes, I can ping the router, AND the ISP DNS. ... I cannot connect the inet cable directly to the server because the inet is ... MS firewall not started. ... (microsoft.public.windows.server.sbs)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Win2000  > microsoft.public.win2000.ras_routing  > 2004-08