f5ferrari Posted February 19, 2008

Hi people

I've been tearing my hair out over this, so I'm hoping someone can give me a hand before I go bald!

I've set up my Microsoft ISA 2006 server to allow remote access via VPN. I can connect via VPN locally within the network, however when I try externally it fails. My ISA server is behind another ISA server, which has apparently been set to allow traffic from ports 500, 4500 and 1701. However, when I look at my firewall log it only shows requests coming to ports 500 and 4500, as shown below, and none to port 1701.

VPN Setup:
L2TP Protocol
IPSec Preshared Key (for now.. will update to certificate-based auth later on)

Network Layout:
Internet --> 1st ISA --> 2nd ISA (the one within my building) --> Internal Network

Snippet from ISA Firewall Log - Note: IP addresses have been removed

BLACKHOLE 2008-02-19 07:57:02 UDP <<USERIP>>:61079 <<2ndISA IP>>:500 87.194.101.102 External Local Host Establish 0x0 [System] Allow VPN client traffic to ISA Server IKE Client 0 0 0 0 - - - - 184502 2249727
BLACKHOLE 2008-02-19 08:05:14 UDP <<USERIP>>:61079 <<2ndISA IP>>:500 87.194.101.102 External Local Host Terminate 0x80074e20 [System] Allow VPN client traffic to ISA Server IKE Client 2400 2400 7280 7280 492000

I'm guessing that port 1701 (L2TP Client) has not been opened on the first ISA server and that this is causing the problem. However, when I confirmed whether it was open I was told it was... but given that I am not even seeing the L2TP client hitting the firewall, never mind being allowed or disallowed, I still think it's blocked.

Anyone got any ideas?

Thanks