1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

ISA & VPN

Discussion in 'Windows Server System' started by nnmmss, 2005/10/22.

  1. 2005/10/22
    nnmmss

    nnmmss Inactive Thread Starter

    Joined:
    2005/10/05
    Messages:
    9
    Likes Received:
    0
    Hi

    I have ISA 2000 and want to make a VPN connection to a VPN Server outside in internet, i get this error message

    403 Forbidden - The ISA Server denies the specified Uniform Resource Locator
    (URL). (12202)
    Internet Security and Acceleration Server

    my ip address is :192.168.1.76
    ISA internal Ip address: 192.168.136.136
    LAT in ISA Server:192.168.0.0 - 192.168.255.255

    when i make a connection to VPN Server , outside in internet, i wiil get
    another IP like : 69.xx.xx.xx

    and when i make a VPN Connection * then surf the web, this will be logged
    like following
    127.0.0.1|anonymous|Mozilla/4.0|N|2005-10-22|11:33:57|w3proxy|ISA|-|www.microsoft.com|-|80|-|668 1971|http|TCP|GET|http://www.microsoft.com/technet|-|-|403|-|-|-

    i don't know why it looged as 127.0.0.1 and why anonymous, and should i do
    for authentication?
    what is the problem?
     
    nnmmss,
    #1
  2. 2005/10/25
    ReggieB

    ReggieB Inactive Alumni

    Joined:
    2004/05/12
    Messages:
    2,786
    Likes Received:
    2
    From the information you have given it appears that you are using a 255.255.0.0 mask with your 192.168.x.x subnet. No reason why that won't work, but it will cause routing problems if the VPN server is also on a local 192.168.x.x subnet. That is the systems at either end of the VPN tunnel may well get confused as to what is traffic from their local network and what is traffic from the remote network.

    A basic rule of network routing is that each subnet in any network must be unique. That rule is not side-stepped by using VPN. All VPN does is effectively reduce the number of networks.

    By using a 255.255.0.0 subnet with 192.168.x.x. on your network, you've effectively prevented VPN commnication with any other 192.168.x.x network.

    I suspect that ISA may be blocking the connection because it has detected such a problem.

    127.0.0.1 is you loopback address. Every PC has the address 127.0.0.1 and this is often the first entry in the routing table. If you look up a PCs own IP address you can get either the network IP address or the loopback address. Either can appear in logs. In a log 127.0.0.1 tells you it was the local PC making the request.

    The majority of internet browsing is done anonymously; or it is at least the default.
     
    ReggieB,
    #2


  3. to hide this advert.

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...