RE: VPN

From: Bill Peng [MSFT] (v-bpeng_at_online.microsoft.com)
Date: 02/07/05

Next message: cjobes: "Re: ISA blocks access to OVA"
Previous message: Roma: "Re: VPN Connection"
In reply to: Denis: "RE: VPN"
Messages sorted by: [ date ] [ thread ]

Date: Mon, 07 Feb 2005 06:22:43 GMT

Hi Denis,

Thank you for the update.

I hope the info I provided in the previous reply is useful.

If you need further assistance in this scenario, please post back and I
will follow it up.

If you decide to continue troubleshoothe software VPN issue, please feel
free to open a new thread.

Have a nice day!

Bill Peng
MCSE 2000, MCDBA
Microsoft Online Partner Support

Get Secure! - www.microsoft.com/security
=====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
>Thread-Topic: VPN
>thread-index: AcUK3RJplQkuddNBRNmEn53jRmkhjg==
>X-WBNR-Posting-Host: 212.159.44.244
>From: "=?Utf-8?B?RGVuaXM=?=" <Denis@discussions.microsoft.com>
>References: <D99A7A75-2728-4A5A-86B8-17AD64F1AD21@microsoft.com>
<y64CQrpCFHA.2504@cpmsftngxa10.phx.gbl>
>Subject: RE: VPN
>Date: Fri, 4 Feb 2005 09:15:06 -0800
>Lines: 103
>Message-ID: <7EA3CC94-CA02-42B1-8CDA-5FF679507542@microsoft.com>
>MIME-Version: 1.0
>Content-Type: text/plain;
> charset="Utf-8"
>Content-Transfer-Encoding: 7bit
>X-Newsreader: Microsoft CDO for Windows 2000
>Content-Class: urn:content-classes:message
>Importance: normal
>Priority: normal
>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
>Newsgroups: microsoft.public.windows.server.sbs
>NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.1.29
>Path:
cpmsftngxa10.phx.gbl!TK2MSFTFEED02.phx.gbl!TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA
03.phx.gbl
>Xref: cpmsftngxa10.phx.gbl microsoft.public.windows.server.sbs:143501
>X-Tomcat-NG: microsoft.public.windows.server.sbs
>
>Thanks for that feedback.
>
>I have been trying for a few weeks to get the SBS2003 VPN to work
properly.
>I can regularly get a connection to the remote server but no data
available
>or data only available intermittently, and just as regularly get a
>password/login failure and therefore no VPN connection available at all.
(and
>the login/user details and configuration was not changed between different
>problems).
>I have found the software based VPN very unreliable, and the end user is
not
>at all satisfied. I am looking for any reliable alternate.
>
>"Bill Peng [MSFT]" wrote:
>
>> Hi Denis,
>>
>> Actually, if you have an ISA Server and a WAN Router, we recommend you
to:
>>
>> 1. Use ISA Server as the VPN server.
>> 2. On the router, forward TCP 1723 and IP Protocol 47 (also allow GRE
for
>> PPTP VPN) to the ISA Server.
>> 3. Do not use the hardware VPN device.
>>
>> To answer your questions:
>>
>> 1. If SBS 2K3 has 2 NIC and ISA is acting in the firewall mode, the
traffic
>> from VPN device will be denied.
>>
>> 2. If you decide to use the hardware VPN solution:
>>
>> Method 1.
>> Use 1 Internet connection, VPN device in the front line, then connect to
a
>> hub/switch, then connect the SBS server (1 NIC) and all the clients to
the
>> same hub/switch.
>>
>> Method 2.
>> Use 2 Internet connection, SBS can still have 2 NIC and act in the ISA
>> Firewall mode, but the VPN device will be connect to the SBS internal
NIC
>> (just like other client computers.) 1 Internet connection for the SBS
>> external NIC, and the other for the VPN device (which is connecting to
the
>> SBS LAN NIC).
>>
>> I hope the above info helps.
>>
>> Have a nice day!
>>
>> Bill Peng
>> MCSE 2000, MCDBA
>> Microsoft Online Partner Support
>>
>> Get Secure! - www.microsoft.com/security
>> =====================================================
>> When responding to posts, please "Reply to Group" via your newsreader so
>> that others may learn and benefit from your issue.
>> =====================================================
>> This posting is provided "AS IS" with no warranties, and confers no
rights.
>>
>> --------------------
>> >Thread-Topic: VPN
>> >thread-index: AcUJMQgX7rPQISl9RNahDxshcnC2mQ==
>> >X-WBNR-Posting-Host: 212.159.44.244
>> >From: "=?Utf-8?B?RGVuaXM=?=" <Denis@discussions.microsoft.com>
>> >Subject: VPN
>> >Date: Wed, 2 Feb 2005 06:11:04 -0800
>> >Lines: 18
>> >Message-ID: <D99A7A75-2728-4A5A-86B8-17AD64F1AD21@microsoft.com>
>> >MIME-Version: 1.0
>> >Content-Type: text/plain;
>> > charset="Utf-8"
>> >Content-Transfer-Encoding: 7bit
>> >X-Newsreader: Microsoft CDO for Windows 2000
>> >Content-Class: urn:content-classes:message
>> >Importance: normal
>> >Priority: normal
>> >X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
>> >Newsgroups: microsoft.public.windows.server.sbs
>> >NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.1.29
>> >Path: cpmsftngxa10.phx.gbl!TK2MSFTNGXA03.phx.gbl
>> >Xref: cpmsftngxa10.phx.gbl microsoft.public.windows.server.sbs:142782
>> >X-Tomcat-NG: microsoft.public.windows.server.sbs
>> >
>> >I am a VPN novice so apologies if these are realy basic questions:
>> >
>> >SBS2003 running ISA. I need to set up a remote office for 4 users that
has
>> >full access to the 2003 server and local resources in a local office.
>> >
>> >I am looking at using the Sonic Wall TZ170 VPN interface.
>> >
>> >1: Can I use the (ISA) WAN port of the server to connect the TZ170 to
the
>> >server and provide local network access to VPN clients. If so will the
>> server
>> >retain it's (normal) internet access? (I think not since only external
>> >addresses are routed to that ISA WAN interface, unless routing is
>> rearranged.)
>> >2: The WAN ADSL modem we use is a 4 port router, could I connect the
TZ170
>> >to an Ethernet port on the ADSL router and bridge the TZ170 to the
local
>> >network router and provide lan(local) access for the remote office.
>> >3: If either of these is not applicable am I then correct in thinking
that
>> >to maintain a permanent lan(local) to lan(Remote) connection we would
need
>> >two internet connections for the server (one for permanent VPN and
another
>> >for internet access).
>> >
>>
>>
>

Next message: cjobes: "Re: ISA blocks access to OVA"
Previous message: Roma: "Re: VPN Connection"
In reply to: Denis: "RE: VPN"
Messages sorted by: [ date ] [ thread ]

Relevant Pages

Re: I need an expert advice on this
... It's a connection ... ISA Server will accomplish what you're asking for. ... >> I have 4 locations accross the us connected via hardware vpn. ... >> locations are not able to establish a vpn (their routers can only hold ...
(microsoft.public.windows.server.networking)
RE: VPN Issue
... the default gateway on the remote network. ... 317025 You Cannot Connect to the Internet After You Connect to a VPN Server ... 305550How to configure a VPN connection to your corporate network in ... How to configure networks in ISA Server 2004 ...
(microsoft.public.windows.server.sbs)
Site-to-site VPN on ISA 2004
... I am trying to establish a site-to-site VPN connection using PPTP between ... Remote Access will be enabled and configured on the ISA server automatically ... manually initiate the connection from withing Routing and Remote access MMC. ...
(microsoft.public.isa.vpn)
Site-to-site VPN
... I am trying to establish a site-to-site VPN connection using PPTP between ... Remote Access will be enabled and configured on the ISA server automatically ... manually initiate the connection from withing Routing and Remote access MMC. ...
(microsoft.public.isaserver)
VPN client behind ISA drops connection
... XP VPN client behind ISA server. ... connection works and is stable ... There are two SBS ...
(microsoft.public.isa.vpn)