Re: PPTP vpn appears firewalled?!



Hi Steve,

Thanks for the reply. In this case it seems that wasn't the problem, although
the answer was very informative.

The reason for this is because we haven't upgraded to ISA2004, it's still
2000, and I've actually just been sent a hotfix from Microsoft, as it's in
KB897651.

A known problem it seems, and fits with what I suspected was happening, it's
just that there is no mechanism for turning the firewall off.

An SBS2003 oversight it would seem.

Cheers
Rich




"Steve Foster [SBS MVP]" wrote:

> Rich R wrote:
>
> >I've installed Windows 2003 SP1 on SBS 2003, and from that point on, the
> >PPTP VPN seems 'firewalled'. That is, I can connect to the VPN from
> >wherever, but I cannot ping, or access remote desktop from the client
> >computer. However, while the VPN is established, I CAN ping from the
> >server to the client.
> >
> >I've also installed SPS 2003 SP1, and all the other updates, so I would
> >expect it to work. It's the premium version, so ISA server is installed.
> >
> >Nothing else has changed other than installing the service packs in the
> >order specified by Microsoft.
> >
> >There is no obvious way to check this firewall scenario, I cannot access
> >the Windows Firewall from Security Center as it says ipnat.sys is in use
> >or something.
>
> Windows Firewall on the SBS is disabled. ISA2004 takes care of firewall
> duties.
>
> The default policy in ISA2004 (prior to running the CEICW) is to isolate
> VPN clients completely (ie they can establish the VPN, but aren't allowed
> to go anywhere).
>
> If you've successfully completed the CEICW and have selected to enable VPN
> in the firewall settings there, then ISA2004 should have been configured
> to allow VPN clients access to the internal network automatically.
>
> In this scenario, you should have an ISA Access Rule called "Traffic
> between VPN Clients and Internal networks", which allows all outbound
> traffic between "Internal" and "VPN Clients" to "Internal" and "VPN
> Clients".
>
> The definition of "Internal" should include the whole of your
> 192.168.<whatever>.x subnet.
>
> --
> Steve Foster [SBS MVP]
> ---------------------------------------
> MVPs do not work for Microsoft. Please reply only to the newsgroups.
>