Registered users    
MembershipMembership:
Latest New UserLatest:jenisa villarin
New TodayNew Today:13
New YesterdayNew Yesterday:9
User CountOverall:23322
Private messaging    
You must be logged in to use this module.
Top 10 posters    
NamePosts
Mariette Knap12890
Marina Roos12507
Eriq Neale2114
Stan Guinn1913
Michael Patrick1912
Robert Pearman1770
Nick Pieters1425
Stewart Brown616
william warren598
Kevin D.579
Welcome unauthorized visitor    
If you want to join us in the discussions on this forum you need to register first. Registration is free! If you are already a registered user please login to join the forum.
Small Business Server Support Forum    
Forums > Microsoft Small Business Server 2003 & 2000 > ISA Server 2004
Subject: VPN & ISA 2004
Prev Next
You are not authorized to post a reply.

Author Messages
matthew phillips User is Offline
United Kingdom
Member since
10/13/2006

Platinum Membership
Posts: 4
7/27/2007 12:57 AM  
Hello everyone
 
I have recently "Swung" my SBS 2003 Standard server (30 CAL’s no hard disk space, little memory and 1 * P4 Processor) to a new box with 2003 Prem.
 
The swing migration worked as it says on the tin (Cheers Tim who worked through the reams of notes). However, my old box didn’t have ISA on it, but I thought now would be a good time to go for it.  Im presuming ISA is the problem here, It may prove not.
 
All the internet access is working fine, OWA & RWW are up and running as expected.  However incoming VPN connections are behaving very odd. 
 
1)      Using the SBS Connection manager, the client states that it is trying to verify the username and password, but eventually times out with the following message
 
The remote computer did not respond. For further assistance, click More Info or search Help and Support Center for this error number. (Error 721) For customized troubleshooting information for this connection, click Help.
 
The log file has this line in it :   On-Error Event  ErrorCode = 721 ErrorSource = RAS
 
 2)      I have one computer that is external, has never connected to the domain and always works (VPN connects no problem). 
 
3)      ISA does not have much logged, I’m very new to it so forgive me.  This is the only thing I could find. Description:
 
The VPN connection attempt by user domain\user from VPN client IP address 82.16.287.124 could not be established.
The failure is due to error: 0xc0040021

Just to add a bit more information.  The server runs two network cards one to the LAN and the External network card is connected directly to conexant router.
 
Thanks for any help

Mat
Marina Roos User is Offline
The Netherlands
Member since
3/24/2005

Forum Admins
Posts: 12507
7/27/2007 02:37 AM  
Hi Mat,
 
Which method did you use the Swing?
Please, post an ipconfig /all from the server and a workstation. Open a command prompt by opening Start -> Run from the Start Menu and type cmd. From the command prompt type ipconfig /all >ip.txt. Attach this file to your answer.
Which service packs are installed?
Marina Roos Smallbizserver.Net AdministratorMission accomplished. We have joined the branch office to our SBS 2003 Headquarters and have the same user experience on the branch office as we have on our local  network at the Headquarters. Want to know how? Signup up for a subscription and get instant access to the article series 'How to add an additional Domain Controller from a remote office to the SBS domain'
matthew phillips User is Offline
United Kingdom
Member since
10/13/2006

Platinum Membership
Posts: 4
7/27/2007 09:22 AM  
IPconfig from the Workstation that will not connect and the server .  I will post the ipsettings from the PC that will connect once I get to the office.
 
The Workstations are XP SP2
The server is SBS 2003 SP1
ISA Is Version: 4.0.2163.213
The swing migarartion was a 2003 redeploy.

Cheers
Mat

Attachment: 1727221490671.txt
Attachment: 1727221492154.txt
Marina Roos User is Offline
The Netherlands
Member since
3/24/2005

Forum Admins
Posts: 12507
7/27/2007 04:22 PM  
Hi Mat,
 
Server's ipconfig is good and I assume that the workstation is from a remote location. Your Exchange server doesn't seem to have SP2 yet. If you can connect from another remote workstation with VPN, something is not setup right with this workstation. Error 721 is pointing to GRE protocol.
Marina Roos Smallbizserver.Net AdministratorMission accomplished. We have joined the branch office to our SBS 2003 Headquarters and have the same user experience on the branch office as we have on our local  network at the Headquarters. Want to know how? Signup up for a subscription and get instant access to the article series 'How to add an additional Domain Controller from a remote office to the SBS domain'
matthew phillips User is Offline
United Kingdom
Member since
10/13/2006

Platinum Membership
Posts: 4
7/27/2007 07:51 PM  
This used to work fine before the addition of ISA. The majority of machines won't connect itst the one that does which is the odd one out.

I have worked around by using RWW and remote desktop for now, but am still in search of a resolution

Thanks

Mat
Marina Roos User is Offline
The Netherlands
Member since
3/24/2005

Forum Admins
Posts: 12507
7/28/2007 03:44 AM  
Hi Mat,
 
What is the difference between the machines that can connect and the ones that can't?
Marina Roos Smallbizserver.Net AdministratorMission accomplished. We have joined the branch office to our SBS 2003 Headquarters and have the same user experience on the branch office as we have on our local  network at the Headquarters. Want to know how? Signup up for a subscription and get instant access to the article series 'How to add an additional Domain Controller from a remote office to the SBS domain'
matthew phillips User is Offline
United Kingdom
Member since
10/13/2006

Platinum Membership
Posts: 4
7/28/2007 01:10 PM  
PC That connects
Bt Broadband
10.0.0.* Range
Connected to different SBS Network (2003 Standard, no ISA)

One of the PC's that won't connect (there are many)
Newnet Broadband
192.168.0.* Range
no domain connection

apart from that there are no obvious differences.

Mat
Marina Roos User is Offline
The Netherlands
Member since
3/24/2005

Forum Admins
Posts: 12507
7/29/2007 06:06 PM  
Hi Mat,
 
With SP3 on ISA 2004 you will have more logging options to see what is going on when vpn connections are being established (or not). It surely can't be the server having set something wrong, else nobody would be able to connect with VPN.
Marina Roos Smallbizserver.Net AdministratorMission accomplished. We have joined the branch office to our SBS 2003 Headquarters and have the same user experience on the branch office as we have on our local  network at the Headquarters. Want to know how? Signup up for a subscription and get instant access to the article series 'How to add an additional Domain Controller from a remote office to the SBS domain'
You are not authorized to post a reply.
Forums > Microsoft Small Business Server 2003 & 2000 > ISA Server 2004 > VPN & ISA 2004


ActiveForums 3.7
Forum policy    
These Discussion Forums are dedicated to the discussion of the Small Business Server and related server and client software. For the benefit of the community please observe the following posting guidelines:
  1. No Advertising. This includes promotion of commercial products and non-commercial products which are not directly related to Small Business Server and related server and client software.
  2. No Flaming or Trolling.
  3. No Profanity, Racism, or Prejudice.
  4. Site Moderators have the final word on approving/removing a thread or post or comment.
Copyright 2002-2008 Concentrix b.v.    :   Page generated in 0.3281271 seconds.   :   Terms Of Use   :   Privacy Statement