. Setting up the initial VPN Connection can be challenging to troubleshoot as there
aren??™t obvious logs created. Check the Windows Event Viewer for RRAS events that
would indicate issues. Monitor the connection within the Monitoring node and the
Sessions tab.
. The site-to-site VPN connection is created by the servers using local accounts to
connect via standard VPN client methods. This means that all VPN client considerations
must be in place, including a method for giving the client??™s IP addresses, and
enabling client access on the server.
. The Security Configuration Wizard (SCW) for Windows Server 2003, which can lock
down an ISA server, has a default setting that disables local accounts from being
used. If this is set, the VPN site-to-site connection will fail and it will not be obvious
why. Run the SCW to see the current config.
Preparing ISA Servers for Site-to-Site VPN
Capabilities
Because ISA Server 2006 is first and foremost a security server, many pieces of ISA functionality
are disabled by default. This is true for VPN functionality as well. All VPN
options, including site-to-site VPN capabilities, must be physically enabled before VPN
connections can be made.
Pages:
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486