Re: VPN with SBS Premuim
- From: v-mzhuan@xxxxxxxxxxxxxxxxxxxx (Manfred Zhuang [MSFT])
- Date: Thu, 31 Jan 2008 09:29:55 GMT
Hello Anthony,
Thank you for getting back.
I would like to confirm that after re-running CEICW, did you run Remote
Access Wizard?
Have you tried visiting RWW and downloading the latest SBS connection
manager on the problematic clients?
If not, I suggest you perform these steps.
If the issue persists, please help me gather following information:
1. Please help to gather the ISA Info:
1) Download the file from the following URL:
http://www.isatools.org/isainfo/ISAInfo.zip
2) Extract all files to a folder on ISA server.
3) Double click Isainfo.js. This will generate 2 files
ISAInfo2004-<computer-name>.log and ISAInfo2004-<computer-name>.xml in the
current folder.
4) Please send these files to me at v-mzhuan@xxxxxxxxxxxxx
2. Please also help to gather the ISA logs:
1) Schedule a down time.
2) Open ISA 2004 management console.
3) Expand the server node and highlight 'Monitoring'.
4) In the right pane, switch to the 'Logging' tab, make sure the 'Task
Pane' is showed there.
5) In the 'Task Pane', click 'Configure Firewall Logging' under 'Logging
Tasks', and then switch the 'log storage format' from 'MSDE database'
(default) to 'File'.
6) Switch to the 'Fields' tab, click 'Select All', and then click OK.
7) In the 'Task Pane', click 'Configure Web Proxy Logging' under 'Logging
Tasks', and then switch the 'log storage format' from 'MSDE database'
(default) to 'File'.
8) Switch to the 'Fields' tab, click 'Select All', and then click OK.
9) Click 'Apply' to save changes and update the configuration.
10) Temporarily disable the Firewall service. To do that, please click
Monitoring | Services tab, and then right click 'Microsoft Firewall' to
choose 'Stop'.
11) Clear the current existing W3C logs. To do that, go to the log saving
directory and clean any existing .W3C logs. By default, the logs will be
saved to 'C:\Program Files\Microsoft ISA Server\ISALogs'. (Some MDF may not
be able to deleted, that's normal.) You may backup them first and then
delete them.
12) Go back to the ISA 2004 management console, and then Start the stopped
'Microsoft Firewall' service.
13) Reproduce the problem, stop the service, and then gather the resulting
W3C files to me for analysis.
14) Please also let me know the IP address of the testing clients so that I
can filter the data.
3. Please download the MPS Report tool from the following link and run it
on the SBS server, then send the generated CAB file to my mailbox
v-mzhuan@xxxxxxxxxxxxx for further investigation so that we can find what
the root cause is:
http://download.microsoft.com/download/b/b/1/bb139fcb-4aac-4fe5-a579-30b0bd9
15706/MPSRPT_NETWORK.EXE
For your information:
http://www.microsoft.com/downloads/details.aspx?FamilyId=CEBF3C7C-7CA5-408F-
88B7-F9C79B7306C0&displaylang=en
Please try the above steps at your earliest convenience. If you have any
concern, please feel free to let me know.
Best regards,
Manfred Zhuang(MSFT)
Microsoft Online Newsgroup Support
Get Secure! - www.microsoft.com/security
=====================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| Thread-Topic: VPN with SBS Premuim
| thread-index: AchjJDm4FmDY0Sk8SC+ku86ywnRr6Q==
| X-WBNR-Posting-Host: 207.46.193.207
| From: =?Utf-8?B?QW50aG9ueSBmcm9tIFNvbHV0aW9uIE9uZSBMdGQu?=
<AnthonyfromSolutionOneLtd@xxxxxxxxxxxxxxxxxxxxxxxxx>
| References: <3565856B-EADB-4B29-92FE-53A16FE36629@xxxxxxxxxxxxx>
<uv5gb7JSIHA.748@xxxxxxxxxxxxxxxxxxxx>
<OHPqmCZSIHA.3916@xxxxxxxxxxxxxxxxxxxx>
<DADB3B2F-CB62-4D34-A5EB-5E1E9674AB8C@xxxxxxxxxxxxx>
<0CCA0E9B-5D25-4E4F-BCE7-202B5BE492E6@xxxxxxxxxxxxx>
<Ma6K80oVIHA.4720@xxxxxxxxxxxxxxxxxxxxxx>
| Subject: Re: VPN with SBS Premuim
| Date: Wed, 30 Jan 2008 01:41:01 -0800
| Lines: 282
| Message-ID: <90362C5D-3F77-4195-B550-3A5DD61BE4FA@xxxxxxxxxxxxx>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="Utf-8"
| Content-Transfer-Encoding: 8bit
| X-Newsreader: Microsoft CDO for Windows 2000
| Content-Class: urn:content-classes:message
| Importance: normal
| Priority: normal
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.2992
| Newsgroups: microsoft.public.windows.server.sbs
| Path: TK2MSFTNGHUB02.phx.gbl
| Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.sbs:89529
| NNTP-Posting-Host: tk2msftibfm01.phx.gbl 10.40.244.149
| X-Tomcat-NG: microsoft.public.windows.server.sbs
|
| Hi Manfred,
|
| I followed your instructions and downloaded the MS Hotfix listed for the
| Windows 2003 SP2 networking issues, and then re-ran the CEICW again this
time
| picking to "change" instead of "do not", I am now able to successfully
| establish a VPN connection from 3 different Windows Vista PC's, but I am
| still unable to establish a connection from any Windows XP (SP2)
machines,
| the Windows XP machine, gets up to "verifying username and password" and
then
| sits there for about 30 secconds, there is no real error message, and the
| event tracing in ISA does not say anything has been denied??
|
| This customer is unfortunately a 24hour operation and I would be most
| greatful if you have any more suggestions.
|
| cheers
|
| Anthony Duxfield
|
|
| "Manfred Zhuang [MSFT]" wrote:
|
| > Hello Anthony,
| >
| > Thank you for posting here.
| >
| > From your post, I understand that after installing ISA 2004 on the SBS
| > server, VPN does not work.
| >
| > Based on my research, if you installed SP2 on the SBS server without
| > installing the hotfixes, there will be some problems with VPN.
| >
| > Therefore if you installed SP2 on the server, please refer to following
| > article to ensure all the hotfixes are installed.
| >
| > Best practices and known issues when you install Windows Server 2003
| > Service Pack 2 on a Windows Small Business Server 2003-based computer
| > http://support.microsoft.com/kb/939421
| >
| > In addition, please refer to following article to check if all the
settings
| > are correct.
| >
| > Firstly I would like to confirm when re-running CEICW, did you select
"Do
| > not change¡Â"? If yes, I suggest you re-run CEICW again and not
select this
| > option.
| >
| > 837355 How to configure a VPN server by using Internet Security and
| > Acceleration (ISA) Server 2006 or ISA Server 2004
| > http://support.microsoft.com/?id=837355
| >
| > I hope the above information is helpful to you. If the problem still
| > occurs, please help me gather following information:
| >
| > 1. Please help to gather the ISA Info:
| >
| > 1) Download the file from the following URL:
| >
| > http://www.isatools.org/isainfo/ISAInfo.zip
| >
| > 2) Extract all files to a folder on ISA server.
| > 3) Double click Isainfo.js. This will generate 2 files
| > ISAInfo2004-<computer-name>.log and ISAInfo2004-<computer-name>.xml in
the
| > current folder.
| > 4) Please send these files to me at v-mzhuan@xxxxxxxxxxxxx
| >
| > 2. Please also help to gather the ISA logs:
| >
| > 1) Schedule a down time.
| >
| > 2) Open ISA 2004 management console.
| >
| > 3) Expand the server node and highlight 'Monitoring'.
| >
| > 4) In the right pane, switch to the 'Logging' tab, make sure the 'Task
| > Pane' is showed there.
| >
| > 5) In the 'Task Pane', click 'Configure Firewall Logging' under
'Logging
| > Tasks', and then switch the 'log storage format' from 'MSDE database'
| > (default) to 'File'.
| >
| > 6) Switch to the 'Fields' tab, click 'Select All', and then click OK.
| >
| > 7) In the 'Task Pane', click 'Configure Web Proxy Logging' under
'Logging
| > Tasks', and then switch the 'log storage format' from 'MSDE database'
| > (default) to 'File'.
| >
| > 8) Switch to the 'Fields' tab, click 'Select All', and then click OK.
| >
| > 9) Click 'Apply' to save changes and update the configuration.
| >
| > 10) Temporarily disable the Firewall service. To do that, please click
| > Monitoring | Services tab, and then right click 'Microsoft Firewall' to
| > choose 'Stop'.
| >
| > 11) Clear the current existing W3C logs. To do that, go to the log
saving
| > directory and clean any existing .W3C logs. By default, the logs will
be
| > saved to 'C:\Program Files\Microsoft ISA Server\ISALogs'. (Some MDF may
not
| > be able to deleted, that's normal.) You may backup them first and
then
| > delete them.
| >
| > 12) Go back to the ISA 2004 management console, and then Start the
stopped
| > 'Microsoft Firewall' service.
| >
| > 13) Reproduce the problem, stop the service, and then gather the
resulting
| > W3C files to me for analysis.
| >
| > 14) Please also let me know the IP address of the testing clients so
that I
| > can filter the data.
| >
| > Hope the above information helps. Please feel free to let me know if
there
| > is anything I can do for you.
| >
| > 3. Please download the MPS Report tool from the following link and run
it
| > on the SBS server, then send the generated CAB file to my mailbox
| > v-mzhuan@xxxxxxxxxxxxx for further investigation so that we can find
what
| > the root cause is:
| >
| >
http://download.microsoft.com/download/b/b/1/bb139fcb-4aac-4fe5-a579-30b0bd9
| > 15706/MPSRPT_NETWORK.EXE
| >
| > For your information:
| >
http://www.microsoft.com/downloads/details.aspx?FamilyId=CEBF3C7C-7CA5-408F-
| > 88B7-F9C79B7306C0&displaylang=en
| >
| > Please try the above steps at your earliest convenience. If you have
any
| > concern, please feel free to let me know.
| >
| > Best regards,
| >
| > Manfred Zhuang(MSFT)
| > Microsoft Online Newsgroup Support
| >
| > Get Secure! - www.microsoft.com/security
| >
| > =====================================================
| > This newsgroup only focuses on SBS technical issues. If you have issues
| > regarding other Microsoft products, you'd better post in the
corresponding
| > newsgroups so that they can be resolved in an efficient and timely
manner.
| > You can locate the newsgroup here:
| > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
| >
| > When opening a new thread via the web interface, we recommend you check
the
| > "Notify me of replies" box to receive e-mail notifications when there
are
| > any updates in your thread. When responding to posts via your
newsreader,
| > please "Reply to Group" so that others may learn and benefit from your
| > issue.
| >
| > Microsoft engineers can only focus on one issue per thread. Although we
| > provide other information for your reference, we recommend you post
| > different incidents in different threads to keep the thread clean. In
doing
| > so, it will ensure your issues are resolved in a timely manner.
| >
| > For urgent issues, you may want to contact Microsoft CSS directly.
Please
| > check http://support.microsoft.com for regional support phone numbers.
| >
| > Any input or comments in this thread are highly appreciated.
| > =====================================================
| >
| > This posting is provided "AS IS" with no warranties, and confers no
rights.
| > --------------------
| > | Thread-Topic: VPN with SBS Premuim
| > | thread-index: AchVqhfKujbrpa2eSMy5gtI9bbY6qg==
| > | X-WBNR-Posting-Host: 207.46.19.197
| > | From: =?Utf-8?B?QW50aG9ueSBmcm9tIFNvbHV0aW9uIE9uZSBMaW1pdGVkLg==?=
| > <AnthonyfromSolutionOneLimited@xxxxxxxxxxxxxxxxxxxxxxxxx>
| > | References: <3565856B-EADB-4B29-92FE-53A16FE36629@xxxxxxxxxxxxx>
| > <uv5gb7JSIHA.748@xxxxxxxxxxxxxxxxxxxx>
| > <OHPqmCZSIHA.3916@xxxxxxxxxxxxxxxxxxxx>
| > <DADB3B2F-CB62-4D34-A5EB-5E1E9674AB8C@xxxxxxxxxxxxx>
| > | Subject: Re: VPN with SBS Premuim
| > | Date: Sat, 12 Jan 2008 22:04:01 -0800
| > | Lines: 74
| > | Message-ID: <0CCA0E9B-5D25-4E4F-BCE7-202B5BE492E6@xxxxxxxxxxxxx>
| > | MIME-Version: 1.0
| > | Content-Type: text/plain;
| > | charset="Utf-8"
| > | Content-Transfer-Encoding: 7bit
| > | X-Newsreader: Microsoft CDO for Windows 2000
| > | Content-Class: urn:content-classes:message
| > | Importance: normal
| > | Priority: normal
| > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.2992
| > | Newsgroups: microsoft.public.windows.server.sbs
| > | Path: TK2MSFTNGHUB02.phx.gbl
| > | Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.sbs:86293
| > | NNTP-Posting-Host: tk2msftsbfm01.phx.gbl 10.40.244.148
| > | X-Tomcat-NG: microsoft.public.windows.server.sbs
| > |
| > | Hi again, after having a wonderful break from work for X-mas, I have
now
| > | returned to this job,
| > |
| > | I have run the Internet & Email Configuration Wizard and the remote
| > access
| > | wizard and I'm still having the same issues... no VPN connection.
| > |
| > | The network is running Windows SBS 2003 Premium, with ISA 2004
(installed
| > | from the premium media)
| > |
| > | I have installed SP3 for ISA Server as suggested, and also SP2 for
| > Windows
| > | 2003 Server.
| > |
| > | The network has an ADSL internet connection coming into a US Robotics
| > Router
| > | (192.168.8.254,255.255.255.0) (which has 1723 and GRE forwarded), the
WAN
| > of
| > | the SBS server is connected directly to the routers LAN (WAN IP
| > 192.168.8.1),
| > | the LAN of the SBS is 192.168.81.1.
| > |
| > | I have attempted to plug myself directly into the LAN of the US
Robotics
| > | (giving myself a 192.168.8.50 address) to see if the US Robotics
router
| > is
| > | the issue, I still have the same issue, clicking connect in VPN on
Vista
| > or
| > | XP immediately responds with unable to connect,
| > |
| > | I can see the client trying to connect in the live monitoring on the
ISA
| > | console.
| > |
| > | can anyone give me any pointers, I have been through the ISA consoles
VPN
| > | step by step check list thing, though I may be over looking something.
| > |
| > | regards,
| > |
| > | Anthony
| > |
| > |
| > | "Anthony from Solution One Ltd." wrote:
| > |
| > | > thanks Cris and Pedro,
| > | >
| > | > you have both been big helps.
| > | >
| > | > cheers
| > | >
| > | > Anthony
| > | >
| > | > "Pedro CR" wrote:
| > | >
| > | > > also, if using a router to connect to the internet, make sure it
| > supports vn pass-through and that it is setup to forward vpn traffic to
the
| > sbs server (prtocol 47 - GRE - and also the appropriate PPTP port).
| > | > >
| > | > > pedro.
| > | > > "Cris Hanna [SBS-MVP]" <crisnospamhanna@xxxxxxxxxxxxxxxxxxxxx>
| > escreveu na mensagem news:uv5gb7JSIHA.748@xxxxxxxxxxxxxxxxxxxxxxx
| > | > > Assuming that you installed the ISA 2004 from the SBS Media
| > | > > apply ISA 2004 SP3
| > | > > Then re-run the CEICW and Remote Access Wizards.
| > | > >
| > | > > --
| > | > > Cris Hanna [SBS-MVP]
| > | > > -------------------------------------------------
| > | > > Microsoft MVPs
| > | > > Independent Experts (MVPs do not work for MS)
| > | > > Real World Answers
| > | > > ---------------------------------------------------------
| > | > > Please do not contact me directly regarding issues
| > | > >
| > | > > "Anthony from Solution One Ltd."
| > <AnthonyfromSolutionOneLtd@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
| > news:3565856B-EADB-4B29-92FE-53A16FE36629@xxxxxxxxxxxxxxxx
| > | > > I have a client who has just brought a server with SBS 2003
R2
| > Premium, I had
| > | > > run the Internet and Email wizard and the Remote Access
wizard
| > (never
| > | > > actually using VPN on this site) a couple of months ago, now
the
| > client
| > | > > wishes to have ISA Server 2004 installed and actually use
VPN, I
| > have
| > | > > installed the ISA Server, and it all seems to be working...
but I
| > cannot get
| > | > > VPN to work,
| > | > >
| > | > > Do I just need to run the SBS Remote Access Wizard, or is
there
| > more steps
| > | > > involved with ISA 2004?
| > | > >
| > | > >
| > |
| >
| >
|
.
- References:
- Re: VPN with SBS Premuim
- From: Anthony from Solution One Limited.
- Re: VPN with SBS Premuim
- From: Manfred Zhuang [MSFT]
- Re: VPN with SBS Premuim
- From: Anthony from Solution One Ltd.
- Re: VPN with SBS Premuim
- Prev by Date: Re: Slow Network
- Next by Date: RE: SBS2003 installation problems
- Previous by thread: Re: VPN with SBS Premuim
- Next by thread: Re: Specified network name is no longer available
- Index(es):
Relevant Pages
|
Loading
