Hi
I have been searching for answers for my VPN issue with ISA 2004, and so far I dont have any good answers so maybe you guys can help me out here...
I have one ISA 2004 server running on Windows server 2003 (192.168.1.7) and its running DNS service as a stub zone.
Primary DC and DHCP and DNS server is a SBS 2003 server (192.168.1.1). The network only have one subnet.
When I VPN (PPTP) in to our ISA Server I can login with my user credentials as I would expect. However when I'm logged in I can't access any shared folders on the DC or not even ping or in any other way browse shares and servers.
But when I uncheck "use default gateway on remote network"
in the TCP/IP properties for the VPN connection on my client I can browse the network as I would if i was on my companys LAN.
However this seems to be a bad idea since Split Tunneling poses a security risk.
So when I'm logged in to the VPN server with "use default gateway on remote network" checked, the gateway isn't the same as the LAN computers (their default gateway is the ISA 2004 server). Why does the gateway information change for the VPN clients, it seems like ISA gives ip-adresses from the SBS DHCP adress pool and the VPN clients gateway ip is one of the ones reserved by ISA to give to the VPN client.
If I make ISA as a DHCP server instead of SBS make this problem go away?
I have followed guides on as well as a book written by Tom Shinder who is behind the site. And I have made rules for VPN clients network to access servers on Internal network.
Please advice
Ben
I have been searching for answers for my VPN issue with ISA 2004, and so far I dont have any good answers so maybe you guys can help me out here...
I have one ISA 2004 server running on Windows server 2003 (192.168.1.7) and its running DNS service as a stub zone.
Primary DC and DHCP and DNS server is a SBS 2003 server (192.168.1.1). The network only have one subnet.
When I VPN (PPTP) in to our ISA Server I can login with my user credentials as I would expect. However when I'm logged in I can't access any shared folders on the DC or not even ping or in any other way browse shares and servers.
But when I uncheck "use default gateway on remote network"
in the TCP/IP properties for the VPN connection on my client I can browse the network as I would if i was on my companys LAN.
However this seems to be a bad idea since Split Tunneling poses a security risk.
So when I'm logged in to the VPN server with "use default gateway on remote network" checked, the gateway isn't the same as the LAN computers (their default gateway is the ISA 2004 server). Why does the gateway information change for the VPN clients, it seems like ISA gives ip-adresses from the SBS DHCP adress pool and the VPN clients gateway ip is one of the ones reserved by ISA to give to the VPN client.
If I make ISA as a DHCP server instead of SBS make this problem go away?
I have followed guides on as well as a book written by Tom Shinder who is behind the site. And I have made rules for VPN clients network to access servers on Internal network.
Please advice
Ben
