ISA Server as VPN Server

[allenEd]

HI,

We have an ISA server (W2000) Server), and would like to set it up to except VPN connections from remote clients. When ever I setup RAS on the ISA server, Lan users cant browse the internet. As soon as I stop the Ras service, Lan clients can connect again.

Any ideas, or help on this?

thanks
Allen.

 

[buddafish]

allenED,

i am using our isa box with rras, no problems. what are you configs in the properties of the server in rras ?

scottie

 

[allenEd]

Even with the default configs, when I add the server in RAS and run the wizard, bind the two nics, (one for the internet and the other for the Lan), it knocks off internet users.

 

[buddafish]

allenEd,

it has been some time since i built this server but i recall needing to modify the defaults.

here is a look at my properties"
General Tab: Router = true
Remote Access Server = true
Lan & Demand Dial Routing = true

IP Tab:
Enable IP Forwarding = true
Allow IP-base remote access... = true

best of luck

scottie

 

[jroach1]

I had this problem also. My solution was in the routing table on the W2k box with ISA. When I started RRAS service, it added a route directing internal traffic to the external NIC. You can see the routing table by doing a route print command. I then did a route delete of this route, like this (for class c network block, with x.y.z.2 as the external public IP address): route delete x.y.z.0 mask 255.255.255.0 x.y.z.2. I also added in the route for the internal nic IP address (.10) making it persistent, like this: route add -p x.y.z.0 mask 255.255.255.0 x.y.z.10. This did the trick. When I restart the server and thus RRAS, I have to delete that first route again, so I created a batch file to run after the server boots. I hope this helps. Jim

 

[allenEd]

Thanks Jim,

I will try your suggestion.

Allen