Re: Cisco Client Cannot Connect Outbound
- From: "Bill Glidden" <billyg1943@xxxxxxxxxxx>
- Date: Wed, 8 Mar 2006 19:46:08 +1000
If someone needs a how-to for this I will be happy to forward a copy to
them.
""Crina Li"" <v-crinal@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:Is6rf1dQGHA.412@xxxxxxxxxxxxxxxxxxxxxxxx
Hi Bill,
Thanks for your update.
It is my pleasure to work with you in this post. If you have any further
questions or concerns regarding the issue, please do not hesitate to let
me
know. We are glad to be of the assistance.
Again, thank you for using Microsoft newsgroup. Have a nice day. :)
Best regards,
Crina Li (MSFT)
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
=====================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check
the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In
doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no
rights.
--------------------
| From: "Bill Glidden" <billyg1943@xxxxxxxxxxx>
| References: <#v1KoNQQGHA.3460@xxxxxxxxxxxxxxxxxxxx>
<ldL1xZZQGHA.6504@xxxxxxxxxxxxxxxxxxxxx>
<u#NrSYcQGHA.1556@xxxxxxxxxxxxxxxxxxxx>
<8hI5bGdQGHA.7064@xxxxxxxxxxxxxxxxxxxxx>
| Subject: Re: Cisco Client Cannot Connect Outbound
| Date: Tue, 7 Mar 2006 20:38:51 +1000
| Lines: 294
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.2527
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2527
| X-RFC2646: Format=Flowed; Original
| Message-ID: <u05CVNdQGHA.1416@xxxxxxxxxxxxxxxxxxxx>
| Newsgroups: microsoft.public.windows.server.sbs
| NNTP-Posting-Host: cpe-61-9-218-244.qld.bigpond.net.au 61.9.218.244
| Path: TK2MSFTNGXA03.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP12.phx.gbl
| Xref: TK2MSFTNGXA03.phx.gbl microsoft.public.windows.server.sbs:250120
| X-Tomcat-NG: microsoft.public.windows.server.sbs
|
| Hi Crina,
|
| Thanks for the excellent references. I am a complete newcomer to ISA
and
| need to learn quickly!
|
| Cheers,
| Bill
|
| ""Crina Li"" <v-crinal@xxxxxxxxxxxxxxxxxxxx> wrote in message
| news:8hI5bGdQGHA.7064@xxxxxxxxxxxxxxxxxxxxxxxx
| > Hi Bill,
| >
| > Thanks for your update.
| >
| > As I know, ISA Server 2004 supports a more secure way of communication
| > between the Firewall client and ISA Server. So you may need to
configure
| > the protocol definition for the third party VPN access.
| >
| > Fro more information regarding ISA 2004, you may need to refer the
| > following documents:
| >
| > What's New and Improved in ISA Server 2004
| > http://www.microsoft.com/isaserver/evaluation/whatsnew.asp
| >
| > ISA Server 2004 Performance Best Practices
| >
http://www.microsoft.com/technet/prodtechnol/isa/2004/performancebestpractic
| > es.mspx
| >
| > ISA Server 2004 Quick Start Guide
| >
http://download.microsoft.com/download/3/7/b/37b0cbc4-e578-4082-a779-de4fbe8
| > 76f06/ISA2004SE_quickstartguide-Rev%201%2003.doc
| >
| > ISA Server 2004 ISA Server 2004 Configuration Guide
| >
http://download.microsoft.com/download/3/7/b/37b0cbc4-e578-4082-a779-de4fbe8
| > 76f06/ISA2004SE_configguide-Rev%201%2003.doc
| >
| > ISA Server 2004 Product Documentation
| >
http://download.microsoft.com/download/5/a/e/5ae686f4-c4a6-4213-bc50-abc46b0
| > 714dc/isa.chm
| >
| > ISA 2004 Guidance
| > http://www.microsoft.com/isaserver/techinfo/guidance/2004/default.mspx
| >
| > ISA 2004 best practices, Tips and Tricks:
| > http://www.isaserver.org/tutorials/2004bestpractices-p1.html
| >
| > Thanks for your time and I look forward to hearing from you.
| >
| > Best regards,
| >
| > Crina Li (MSFT)
| >
| > Microsoft CSS Online Newsgroup Support
| >
| > Get Secure! - www.microsoft.com/security
| >
| > =====================================================
| > This newsgroup only focuses on SBS technical issues. If you have
issues
| > regarding other Microsoft products, you'd better post in the
corresponding
| > newsgroups so that they can be resolved in an efficient and timely
manner.
| > You can locate the newsgroup here:
| > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
| >
| > When opening a new thread via the web interface, we recommend you
check
| > the
| > "Notify me of replies" box to receive e-mail notifications when there
are
| > any updates in your thread. When responding to posts via your
newsreader,
| > please "Reply to Group" so that others may learn and benefit from your
| > issue.
| >
| > Microsoft engineers can only focus on one issue per thread. Although
we
| > provide other information for your reference, we recommend you post
| > different incidents in different threads to keep the thread clean. In
| > doing
| > so, it will ensure your issues are resolved in a timely manner.
| >
| > For urgent issues, you may want to contact Microsoft CSS directly.
Please
| > check http://support.microsoft.com for regional support phone numbers.
| >
| > Any input or comments in this thread are highly appreciated.
| >
| > =====================================================
| >
| > This posting is provided "AS IS" with no warranties, and confers no
| > rights.
| > --------------------
| > | From: "Bill Glidden" <billyg1943@xxxxxxxxxxx>
| > | References: <#v1KoNQQGHA.3460@xxxxxxxxxxxxxxxxxxxx>
| > <ldL1xZZQGHA.6504@xxxxxxxxxxxxxxxxxxxxx>
| > | Subject: Re: Cisco Client Cannot Connect Outbound
| > | Date: Tue, 7 Mar 2006 19:03:56 +1000
| > | Lines: 146
| > | X-Priority: 3
| > | X-MSMail-Priority: Normal
| > | X-Newsreader: Microsoft Outlook Express 6.00.2900.2527
| > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2527
| > | X-RFC2646: Format=Flowed; Original
| > | Message-ID: <u#NrSYcQGHA.1556@xxxxxxxxxxxxxxxxxxxx>
| > | Newsgroups: microsoft.public.windows.server.sbs
| > | NNTP-Posting-Host: cpe-61-9-218-244.qld.bigpond.net.au 61.9.218.244
| > | Path:
TK2MSFTNGXA03.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP09.phx.gbl
| > | Xref: TK2MSFTNGXA03.phx.gbl
microsoft.public.windows.server.sbs:250085
| > | X-Tomcat-NG: microsoft.public.windows.server.sbs
| > |
| > | Hi Crina,
| > |
| > | This was working previously on SBS 2000 + ISA 2000 which was relaced
the
| > SBS
| > | 2003 + ISA 2004. Are you telling me that ISA 2004 is fundamentally
| > | different to ISA 2000? I hope not or my client will not be happy.
| > |
| > | Regards,
| > | Bill
| > |
| > | ""Crina Li"" <v-crinal@xxxxxxxxxxxxxxxxxxxx> wrote in message
| > | news:ldL1xZZQGHA.6504@xxxxxxxxxxxxxxxxxxxxxxxx
| > | > Hi Bill,
| > | >
| > | > Thank you for posting in SBS newsgroup.
| > | >
| > | > From the description, I understand that you want to allow the
internal
| > | > Cisco VPN clients to establish the VPN connection with the
external
| > VPN
| > | > server through Microsoft Internet Security and Acceleration (ISA)
| > Server
| > | > 2004. If I have misunderstood your concerns, please do not
hesitate
to
| > let
| > | > me know.
| > | >
| > | > Based on my knowledge, the Cisco VPN client is a client side
| > connection
| > | > manage program for Cisco VPN server. It uses L2TP/IPSec VPN
method.
Is
| > it
| > | > a
| > | > Cisco Concentrator 3300? If not, I'm afraid that you may not be
able
| > to
| > | > establish the VPN connection by using IPsec. As IPSec is designed,
it
| > | > doesn't allow going through a firewall (NAT) to connect for
security
| > | > reasons.
| > | >
| > | > 818043 L2TP/IPSec NAT-T Update for Windows XP and Windows 2000
| > | > http://support.microsoft.com/?id=818043
| > | >
| > | > If the remote VPN server is a Cisco Concentrator 3300, you may
refer
| > to
| > | > the
| > | > following KB article:
| > | >
| > | > 812076 How to enable a Cisco IPSec VPN client to connect to a
Cisco
| > VPN
| > | > http://support.microsoft.com/?id=812076
| > | >
| > | > You can refer to the port usage described in the KB. For UDP port
500
| > and
| > | > 4500, we can use the pre-defined protocol definitions in ISA
server
| > 2004
| > | > (IKE Client and IPSec NAT-T Client). For UDP port 10000, you may
want
| > to
| > | > create a new protocol definition for this. Please create a rule to
| > allow
| > | > the three protocols from internal network to external.
| > | >
| > | > Please also make sure that the clients are running in SecureNAT
mode.
| > The
| > | > VPN pass-through would not work in firewall client method.
| > | >
| > | > Please also run CEICW and select Enable firewall and then make
sure
| > | > Virtual
| > | > Private Networking (VPN) is selected in the Services Configuration
| > page.
| > | >
| > | > Related info:
| > | >
| > | > http://www.isaserver.org/articles/IPSec_Passthrough.html
| > | >
| > | > Please understand that since this is a third-party VPN solution,
you
| > may
| > | > also need to involve the Cisco support into this issue. Some
settings
| > on
| > | > the VPN client or the server could also affect the VPN connection
| > through
| > | > a
| > | > firewall.
| > | >
| > | > More information:
| > | >
| > | > 838245 How to permit PPTP clients to access the external network
| > through
| > | > ISA
| > | > http://support.microsoft.com/?id=838245
| > | >
| > | > 887006 When you use the ISA 2004 Firewall Client program, you
cannot
| > make
| > | > a
| > | > http://support.microsoft.com/?id=887006
| > | >
| > | > This response contains a reference to a Third party World Wide Web
| > site.
| > | > You should know that Third party sites are not under the control
of
| > | > Microsoft. Accordingly, Microsoft can make no representation
| > concerning
| > | > the content of these sites. Microsoft is providing this
information
| > only
| > | > as a convenience to you. This is to inform you that Microsoft has
not
| > | > tested any software or information found on these sites and
therefore
| > | > cannot make any representations regarding the quality, safety, or
| > | > suitability of any software or information found there. There are
| > | > inherent
| > | > dangers in the use of any software found on the Internet, and
| > Microsoft
| > | > cautions you to make sure that you completely understand the risk
| > before
| > | > retrieving any software on the Internet.
| > | >
| > | > I hope the above information helps. If you have any questions or
| > concerns,
| > | > please feel free to let me know. I look forward to your reply!
| > | >
| > | > Best regards,
| > | >
| > | > Crina Li (MSFT)
| > | >
| > | > Microsoft CSS Online Newsgroup Support
| > | >
| > | > Get Secure! - www.microsoft.com/security
| > | >
| > | > =====================================================
| > | > This newsgroup only focuses on SBS technical issues. If you have
| > issues
| > | > regarding other Microsoft products, you'd better post in the
| > corresponding
| > | > newsgroups so that they can be resolved in an efficient and timely
| > manner.
| > | > You can locate the newsgroup here:
| > | > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
| > | >
| > | > When opening a new thread via the web interface, we recommend you
| > check
| > | > the
| > | > "Notify me of replies" box to receive e-mail notifications when
there
| > are
| > | > any updates in your thread. When responding to posts via your
| > newsreader,
| > | > please "Reply to Group" so that others may learn and benefit from
your
| > | > issue.
| > | >
| > | > Microsoft engineers can only focus on one issue per thread.
Although
| > we
| > | > provide other information for your reference, we recommend you
post
| > | > different incidents in different threads to keep the thread clean.
In
| > | > doing
| > | > so, it will ensure your issues are resolved in a timely manner.
| > | >
| > | > For urgent issues, you may want to contact Microsoft CSS directly.
| > Please
| > | > check http://support.microsoft.com for regional support phone
numbers.
| > | >
| > | > Any input or comments in this thread are highly appreciated.
| > | >
| > | > =====================================================
| > | >
| > | > This posting is provided "AS IS" with no warranties, and confers
no
| > | > rights.
| > | > --------------------
| > | > | From: "Bill Glidden" <billyg1943@xxxxxxxxxxx>
| > | > | Subject: Cisco Client Cannot Connect Outbound
| > | > | Date: Mon, 6 Mar 2006 19:50:29 +1000
| > | > | | Newsgroups: microsoft.public.windows.server.sbs
| > | > | |
| > | > | Tidying up swing migration from SBS 200 to 2003 SP1 + ISA 2004
and
| > have
| > | > a
| > | > | problem with Cisco VPN client on the LAN being unable to connect
to
| > a
| > | > remote
| > | > | site. I know the ports to use but I am unsure as to how I use
| > CEICW
| > to
| > | > | open them (assuming this is the problem). It used to work with
the
| > old
| > | > | server and the new server is the only change. Can someone
please
| > tell
| > | > me
| > | > | how to do this?
| > | > |
| > | > |
| > | > |
| > | >
| > |
| > |
| > |
| >
|
|
|
.
- Follow-Ups:
- Re: Cisco Client Cannot Connect Outbound
- From: "Crina Li"
- Re: Cisco Client Cannot Connect Outbound
- References:
- Cisco Client Cannot Connect Outbound
- From: Bill Glidden
- RE: Cisco Client Cannot Connect Outbound
- From: "Crina Li"
- Re: Cisco Client Cannot Connect Outbound
- From: Bill Glidden
- Re: Cisco Client Cannot Connect Outbound
- From: "Crina Li"
- Re: Cisco Client Cannot Connect Outbound
- From: Bill Glidden
- Re: Cisco Client Cannot Connect Outbound
- From: "Crina Li"
- Cisco Client Cannot Connect Outbound
- Prev by Date: Re: Joining to SBS 2003 domain
- Next by Date: Re: Novell 3.12 Server Access for SBS 2003 clients
- Previous by thread: Re: Cisco Client Cannot Connect Outbound
- Next by thread: Re: Cisco Client Cannot Connect Outbound
- Index(es):
Relevant Pages
|
