Registered users    
MembershipMembership:
Latest New UserLatest:Chris Naylor
New TodayNew Today:10
New YesterdayNew Yesterday:11
User CountOverall:23325
Private messaging    
You must be logged in to use this module.
Top 10 posters    
NamePosts
Mariette Knap12894
Marina Roos12507
Eriq Neale2114
Stan Guinn1913
Michael Patrick1912
Robert Pearman1771
Nick Pieters1425
Stewart Brown616
william warren601
Kevin D.579
Welcome unauthorized visitor    
If you want to join us in the discussions on this forum you need to register first. Registration is free! If you are already a registered user please login to join the forum.
Small Business Server Support Forum    
Forums > Microsoft Small Business Server 2003 & 2000 > ISA Server 2004
Subject: PPTP / VPN / WEB Problem ?!?
Prev Next
Topic is locked

Author Messages
Andrew Vint User is Offline
United Kingdom
Member since
1/30/2007

Registered Users
Posts: 9
7/30/2007 11:00 PM  
Hi,
 
I have come across a strange scenario.
I have had a SBS 2003 server in place for almost a year now without any issues.
In the last two days however the Web Publishing and VPN access has suddenly stopped.
I have checked the config and nothing has changed.
The only difference from last week is that i am getting a few errors in the event viewer that I wasnt getting before.
 
They are as follows;
---------------------------------------------------------------
Source: Security
Category: Logon/Logoff
Type: Failure Audit
Event ID: 547
User: NT AUTHORITY\NETWORK SERVICE
Description:
 
IKE Security association negotiation failed
Mode: key Exchange Mode (Main Mode)
 
Failure Point: Peer
Failure Reason: IKE failed to find valid machine certificate
---------------------------------------------------------------
And when i monitor the incoming connection in the ISA monitoring the following failure message appears;
---------------------------------------------------------------
Failed Connection Attempt
Log Type: Firewall Service
Status: No connection could be made because the target machine actively refused it.
Rule: Allow VPN client traffic to ISA Server
Source: External (xx.xx.xx.xx:57003)
Destination: Local Host (xx.xx.xx.xx:1723
Protocol: PPTP
---------------------------------------------------------------
If i try to connect to the default website from an external source (works internally) i get a connection refused message in internet explorer and at least 10 consecutive Inititiated connection and closed Connection in the ISA Monitor.
 
The Closed connection gives a status of  ' A connection was abortively closed after one of the peers sent a RST segment.'
 
It is obvious something is wrong but i am not sure what, any advice or pointers would be greatly appreciated.
 
Thanks
 
Andrew
Stewart Brown User is Offline
United States
Member since
8/22/2005

Platinum Membership
Posts: 616
7/31/2007 05:53 PM  
just a guess: has a certificate expired recently?
Andrew Vint User is Offline
United Kingdom
Member since
1/30/2007

Registered Users
Posts: 9
8/08/2007 10:26 PM  
Hi sorry for the delay in providing a response, i have spent the last few weeks getting that server up and running at optimum performance.
 
I have installed all service packs (SP2) for windows, for Exchange 2003 (SP3) and ISA Server 2004 (SP3) along with all patches/updates/hotfixes on the microsoft update website.
 
I have rebooted the server on several occasions after clearing all the event logs and i am getting absolutely no errors warning or critical.
 
The email works fine, the internet access works fine, i can VNC on to the box remotely, i have checked with the ISP that they are not blocking any ports and they stated as it was a business line all ports are open and there is no blocking or packet shaping on the line.
 
All good i hear you say ...... well i am afraid not ..... i still cant access any websites on the server and i am unable to vpn onto the server from the external NIC.
 
I have checked the websites internally and the VPN internally and as long as i use the local DNS names it all works fine.
 
Try to use the external dns names and it stps working.
 
When monitoring the inbound traffic HTTP connects then closes repeatedly giving error 0x80074e21 as far as the inbound VPN is concerned i get PPTP failed omn the rule 'Allow VPN traffic to ISA Server' with an error code of 0x8007274d.
 
It must be noted however that the rule that is blocking the PPTP traffic is not listed in the firewall policy ?!?
 
I am at my wits end so short of backing this server up and rebuilding it from scratch i would greatly appreciate some help.
 
Or indeed suggestions of where to look for a resolution to my problem.
 
Thanks in advance
 
Andrew
Marina Roos User is Offline
The Netherlands
Member since
3/24/2005

Forum Admins
Posts: 12507
8/12/2007 06:11 PM  
Hi Andrew,
 
Marina Roos Smallbizserver.Net AdministratorMission accomplished. We have joined the branch office to our SBS 2003 Headquarters and have the same user experience on the branch office as we have on our local  network at the Headquarters. Want to know how? Signup up for a subscription and get instant access to the article series 'How to add an additional Domain Controller from a remote office to the SBS domain'
Topic is locked
Forums > Microsoft Small Business Server 2003 & 2000 > ISA Server 2004 > PPTP / VPN / WEB Problem ?!?


ActiveForums 3.7
Forum policy    
These Discussion Forums are dedicated to the discussion of the Small Business Server and related server and client software. For the benefit of the community please observe the following posting guidelines:
  1. No Advertising. This includes promotion of commercial products and non-commercial products which are not directly related to Small Business Server and related server and client software.
  2. No Flaming or Trolling.
  3. No Profanity, Racism, or Prejudice.
  4. Site Moderators have the final word on approving/removing a thread or post or comment.
Copyright 2002-2008 Concentrix b.v.    :   Page generated in 0.2968769 seconds.   :   Terms Of Use   :   Privacy Statement