| Author |
Message |
Paul Pincente
Guest
|
 Posted:
Sun Jan 16, 2005 1:27 am Post subject:
ISA and Check Point |
|
|
Hi All,
I recently added ISA 2000 to an SBS 2003 box and I'm running into some
challenges... Browsing the Internet is OK from the client PCs, but not from
the Macs on the network - there is only three Macs, so this isn't a big
priority.
Before, with the basic firewall, I was able to use RWW from inside this
particular network to connect to various other SBS Servers that I manage, now
that ISA has been installed I can't do that anymore - I get as far as
selecting the server to connect to, then thats it... nada.
That's still a minor problem - the big problem is that one client PC uses a
Check Point Secure Remote VPN Client to connect to an external server for a
critical business process, and since the ISA server was installed, that
connection no longer happens. Big problem.
If there are any ISA gurus out there that have had a similar situation and
can help or point to some resources that would help me, it would be much
appreciated!
Failing that, does anybody know how I can 'disable' ISA, or at least set up
a configuration that mimics the pre-ISA basic NAT firewall so that I can at
least get this client connecting while I try to figure it out... or do I have
to uninstall ISA??
Thanks in advance gang, you all rock!
Paul |
|
| Back to top |
|
 |
Merv Porter [SBS-MVP]
Guest
|
| Posted:
Sun Jan 16, 2005 1:42 am Post subject:
Re: ISA and Check Point |
|
|
Hmmm... not an ISA guru, but see if this helps:
http://groups-beta.google.com/group/microsoft.public.backoffice.smallbiz2000/browse_frm/thread/5bd756f0d3a9b072/7e11bf098c77a244?q=checkpoint+vpn+isa+sbs+2003&_done=%2Fgroups%3Fhl%3Den%26lr%3D%26q%3Dcheckpoint+vpn+isa+sbs+2003%26&_doneTitle=Back+to+Search&&d#7e11bf098c77a244
--
Merv Porter [SBS MVP]
===================================
"Paul Pincente" <PaulPincente@discussions.microsoft.com> wrote in message
news:FC5C3988-0CB9-4D62-B86D-A29B0CEC4498@microsoft.com...
| Quote: | Hi All,
I recently added ISA 2000 to an SBS 2003 box and I'm running into some
challenges... Browsing the Internet is OK from the client PCs, but not
from
the Macs on the network - there is only three Macs, so this isn't a big
priority.
Before, with the basic firewall, I was able to use RWW from inside this
particular network to connect to various other SBS Servers that I manage,
now
that ISA has been installed I can't do that anymore - I get as far as
selecting the server to connect to, then thats it... nada.
That's still a minor problem - the big problem is that one client PC uses
a
Check Point Secure Remote VPN Client to connect to an external server for
a
critical business process, and since the ISA server was installed, that
connection no longer happens. Big problem.
If there are any ISA gurus out there that have had a similar situation and
can help or point to some resources that would help me, it would be much
appreciated!
Failing that, does anybody know how I can 'disable' ISA, or at least set
up
a configuration that mimics the pre-ISA basic NAT firewall so that I can
at
least get this client connecting while I try to figure it out... or do I
have
to uninstall ISA??
Thanks in advance gang, you all rock!
Paul |
|
|
| Back to top |
|
|
Paul Pincente
Guest
|
| Posted:
Sun Jan 16, 2005 6:43 am Post subject:
Re: ISA and Check Point |
|
|
Thanks for the reply Merv,
Didn't quite help, not too much detail there... I actually looked around
quite a bit before I tried here, but no luck yet. Being relatively new to
ISA, I guess its time to start getting under the hood!
Thanks again,
PP
"Merv Porter [SBS-MVP]" wrote:
| Quote: | Hmmm... not an ISA guru, but see if this helps:
http://groups-beta.google.com/group/microsoft.public.backoffice.smallbiz2000/browse_frm/thread/5bd756f0d3a9b072/7e11bf098c77a244?q=checkpoint+vpn+isa+sbs+2003&_done=%2Fgroups%3Fhl%3Den%26lr%3D%26q%3Dcheckpoint+vpn+isa+sbs+2003%26&_doneTitle=Back+to+Search&&d#7e11bf098c77a244
--
Merv Porter [SBS MVP]
===================================
"Paul Pincente" <PaulPincente@discussions.microsoft.com> wrote in message
news:FC5C3988-0CB9-4D62-B86D-A29B0CEC4498@microsoft.com...
Hi All,
I recently added ISA 2000 to an SBS 2003 box and I'm running into some
challenges... Browsing the Internet is OK from the client PCs, but not
from
the Macs on the network - there is only three Macs, so this isn't a big
priority.
Before, with the basic firewall, I was able to use RWW from inside this
particular network to connect to various other SBS Servers that I manage,
now
that ISA has been installed I can't do that anymore - I get as far as
selecting the server to connect to, then thats it... nada.
That's still a minor problem - the big problem is that one client PC uses
a
Check Point Secure Remote VPN Client to connect to an external server for
a
critical business process, and since the ISA server was installed, that
connection no longer happens. Big problem.
If there are any ISA gurus out there that have had a similar situation and
can help or point to some resources that would help me, it would be much
appreciated!
Failing that, does anybody know how I can 'disable' ISA, or at least set
up
a configuration that mimics the pre-ISA basic NAT firewall so that I can
at
least get this client connecting while I try to figure it out... or do I
have
to uninstall ISA??
Thanks in advance gang, you all rock!
Paul
|
|
|
| Back to top |
|
|
Merv Porter [SBS-MVP]
Guest
|
| Posted:
Sun Jan 16, 2005 7:47 am Post subject:
Re: ISA and Check Point |
|
|
If you're new to ISA, Chad Gross's article may help give you an overview...
ISA for Dummies
http://www.smallbizserver.net/Default.aspx?tabid=91
Maybe another Checkpoint/ISA thread
http://groups-beta.google.com/group/microsoft.public.backoffice.smallbiz2000/browse_frm/thread/8764320943cf8b62/0b21964f3244b3d7?q=checkpoint+vpn+isa&_done=%2Fgroups%3Fq%3Dcheckpoint+vpn+isa%26start%3D10%26hl%3Den%26lr%3D%26&_doneTitle=Back+to+Search&&d#0b21964f3244b3d7
And another...
http://groups-beta.google.com/group/microsoft.public.isa/browse_frm/thread/dafc7ac6b1c3b240/c25ea8b255c0a7ce?q=checkpoint+vpn+isa&_done=%2Fgroups%3Fq%3Dcheckpoint+vpn+isa%26start%3D10%26hl%3Den%26lr%3D%26&_doneTitle=Back+to+Search&&d#c25ea8b255c0a7ce
One more...
http://groups-beta.google.com/group/microsoft.public.isaserver/browse_frm/thread/acb0bb772c2e584a/e2f6fadb25d47fb0?q=checkpoint+vpn+isa&_done=%2Fgroups%3Fq%3Dcheckpoint+vpn+isa%26start%3D40%26hl%3Den%26lr%3D%26&_doneTitle=Back+to+Search&&d#e2f6fadb25d47fb0
OK, one more...
http://groups-beta.google.com/group/microsoft.public.isaserver/browse_frm/thread/def5d695d01aab92/6e4c3ce65f69bad6?q=checkpoint+vpn+isa&_done=%2Fgroups%3Fq%3Dcheckpoint+vpn+isa%26start%3D70%26hl%3Den%26lr%3D%26&_doneTitle=Back+to+Search&&d#6e4c3ce65f69bad6
How to pass IPSec traffic through ISA Server
http://www.isaserver.org/articles/IPSec_Passthrough.html
SecuRemote UDP encapsulation & ISA
http://forums.isaserver.org/ultimatebb.cgi?ubb=get_topic;f=13;t=000326
General Google server: "checkpoint vpn isa sbs"
http://groups-beta.google.com/groups?hl=en&lr=&q=checkpoint+vpn+isa+sbs
--
Merv Porter [SBS MVP]
===================================
"Paul Pincente" <PaulPincente@discussions.microsoft.com> wrote in message
news:290073E8-0535-4935-985F-17B2FC40E40A@microsoft.com...
| Quote: | Thanks for the reply Merv,
Didn't quite help, not too much detail there... I actually looked around
quite a bit before I tried here, but no luck yet. Being relatively new to
ISA, I guess its time to start getting under the hood!
Thanks again,
PP
"Merv Porter [SBS-MVP]" wrote:
Hmmm... not an ISA guru, but see if this helps:
http://groups-beta.google.com/group/microsoft.public.backoffice.smallbiz2000/browse_frm/thread/5bd756f0d3a9b072/7e11bf098c77a244?q=checkpoint+vpn+isa+sbs+2003&_done=%2Fgroups%3Fhl%3Den%26lr%3D%26q%3Dcheckpoint+vpn+isa+sbs+2003%26&_doneTitle=Back+to+Search&&d#7e11bf098c77a244
--
Merv Porter [SBS MVP]
===================================
"Paul Pincente" <PaulPincente@discussions.microsoft.com> wrote in
message
news:FC5C3988-0CB9-4D62-B86D-A29B0CEC4498@microsoft.com...
Hi All,
I recently added ISA 2000 to an SBS 2003 box and I'm running into some
challenges... Browsing the Internet is OK from the client PCs, but not
from
the Macs on the network - there is only three Macs, so this isn't a
big
priority.
Before, with the basic firewall, I was able to use RWW from inside
this
particular network to connect to various other SBS Servers that I
manage,
now
that ISA has been installed I can't do that anymore - I get as far as
selecting the server to connect to, then thats it... nada.
That's still a minor problem - the big problem is that one client PC
uses
a
Check Point Secure Remote VPN Client to connect to an external server
for
a
critical business process, and since the ISA server was installed,
that
connection no longer happens. Big problem.
If there are any ISA gurus out there that have had a similar situation
and
can help or point to some resources that would help me, it would be
much
appreciated!
Failing that, does anybody know how I can 'disable' ISA, or at least
set
up
a configuration that mimics the pre-ISA basic NAT firewall so that I
can
at
least get this client connecting while I try to figure it out... or do
I
have
to uninstall ISA??
Thanks in advance gang, you all rock!
Paul
|
|
|
| Back to top |
|
|
Frank McCallister SBS MVP
Guest
|
| Posted:
Sun Jan 16, 2005 7:57 am Post subject:
Re: ISA and Check Point |
|
|
Hi Paul
Are you trying to RWW from the server to another ISA? If so that won't work
by default but you should be able to RWW from Workstations to another ISA. I
think there is a way to get RWW from server but I can't find my notes on
that right now. For WS you should be using the ISA Firewall Client.
--
Frank McCallister SBS MVP
COMPUMAC
"Paul Pincente" <PaulPincente@discussions.microsoft.com> wrote in message
news:FC5C3988-0CB9-4D62-B86D-A29B0CEC4498@microsoft.com...
| Quote: | Hi All,
I recently added ISA 2000 to an SBS 2003 box and I'm running into some
challenges... Browsing the Internet is OK from the client PCs, but not
from
the Macs on the network - there is only three Macs, so this isn't a big
priority.
Before, with the basic firewall, I was able to use RWW from inside this
particular network to connect to various other SBS Servers that I manage,
now
that ISA has been installed I can't do that anymore - I get as far as
selecting the server to connect to, then thats it... nada.
That's still a minor problem - the big problem is that one client PC uses
a
Check Point Secure Remote VPN Client to connect to an external server for
a
critical business process, and since the ISA server was installed, that
connection no longer happens. Big problem.
If there are any ISA gurus out there that have had a similar situation and
can help or point to some resources that would help me, it would be much
appreciated!
Failing that, does anybody know how I can 'disable' ISA, or at least set
up
a configuration that mimics the pre-ISA basic NAT firewall so that I can
at
least get this client connecting while I try to figure it out... or do I
have
to uninstall ISA??
Thanks in advance gang, you all rock!
Paul |
|
|
| Back to top |
|
|
Paul Pincente
Guest
|
| Posted:
Mon Jan 17, 2005 12:18 am Post subject:
Re: ISA and Check Point |
|
|
No, just a WS to an external SBS box with no ISA on it, just basic NAT -
worked before the install of ISA - even with the firewall client I get
nothing! Weird stuff...
I would think it should work out of the box with no additional
configuration....
"Frank McCallister SBS MVP" wrote:
| Quote: | Hi Paul
Are you trying to RWW from the server to another ISA? If so that won't work
by default but you should be able to RWW from Workstations to another ISA. I
think there is a way to get RWW from server but I can't find my notes on
that right now. For WS you should be using the ISA Firewall Client.
--
Frank McCallister SBS MVP
COMPUMAC
"Paul Pincente" <PaulPincente@discussions.microsoft.com> wrote in message
news:FC5C3988-0CB9-4D62-B86D-A29B0CEC4498@microsoft.com...
Hi All,
I recently added ISA 2000 to an SBS 2003 box and I'm running into some
challenges... Browsing the Internet is OK from the client PCs, but not
from
the Macs on the network - there is only three Macs, so this isn't a big
priority.
Before, with the basic firewall, I was able to use RWW from inside this
particular network to connect to various other SBS Servers that I manage,
now
that ISA has been installed I can't do that anymore - I get as far as
selecting the server to connect to, then thats it... nada.
That's still a minor problem - the big problem is that one client PC uses
a
Check Point Secure Remote VPN Client to connect to an external server for
a
critical business process, and since the ISA server was installed, that
connection no longer happens. Big problem.
If there are any ISA gurus out there that have had a similar situation and
can help or point to some resources that would help me, it would be much
appreciated!
Failing that, does anybody know how I can 'disable' ISA, or at least set
up
a configuration that mimics the pre-ISA basic NAT firewall so that I can
at
least get this client connecting while I try to figure it out... or do I
have
to uninstall ISA??
Thanks in advance gang, you all rock!
Paul
|
|
|
| Back to top |
|
|
Paul Pincente
Guest
|
| Posted:
Mon Jan 17, 2005 12:18 am Post subject:
Re: ISA and Check Point |
|
|
Hi Merv,
I went through pretty much all of the links you sent me before I posted
here, still nothing!
One of the threads even had a configuration script to use to set up all the
ports and protocols, and I still can't get the damn thing to connect. I must
be missing something very simple... the hunt continues!
Thanks again for all your help thusfar!
Paul
"Merv Porter [SBS-MVP]" wrote:
| Quote: | If you're new to ISA, Chad Gross's article may help give you an overview...
ISA for Dummies
http://www.smallbizserver.net/Default.aspx?tabid=91
Maybe another Checkpoint/ISA thread
http://groups-beta.google.com/group/microsoft.public.backoffice.smallbiz2000/browse_frm/thread/8764320943cf8b62/0b21964f3244b3d7?q=checkpoint+vpn+isa&_done=%2Fgroups%3Fq%3Dcheckpoint+vpn+isa%26start%3D10%26hl%3Den%26lr%3D%26&_doneTitle=Back+to+Search&&d#0b21964f3244b3d7
And another...
http://groups-beta.google.com/group/microsoft.public.isa/browse_frm/thread/dafc7ac6b1c3b240/c25ea8b255c0a7ce?q=checkpoint+vpn+isa&_done=%2Fgroups%3Fq%3Dcheckpoint+vpn+isa%26start%3D10%26hl%3Den%26lr%3D%26&_doneTitle=Back+to+Search&&d#c25ea8b255c0a7ce
One more...
http://groups-beta.google.com/group/microsoft.public.isaserver/browse_frm/thread/acb0bb772c2e584a/e2f6fadb25d47fb0?q=checkpoint+vpn+isa&_done=%2Fgroups%3Fq%3Dcheckpoint+vpn+isa%26start%3D40%26hl%3Den%26lr%3D%26&_doneTitle=Back+to+Search&&d#e2f6fadb25d47fb0
OK, one more...
http://groups-beta.google.com/group/microsoft.public.isaserver/browse_frm/thread/def5d695d01aab92/6e4c3ce65f69bad6?q=checkpoint+vpn+isa&_done=%2Fgroups%3Fq%3Dcheckpoint+vpn+isa%26start%3D70%26hl%3Den%26lr%3D%26&_doneTitle=Back+to+Search&&d#6e4c3ce65f69bad6
How to pass IPSec traffic through ISA Server
http://www.isaserver.org/articles/IPSec_Passthrough.html
SecuRemote UDP encapsulation & ISA
http://forums.isaserver.org/ultimatebb.cgi?ubb=get_topic;f=13;t=000326
General Google server: "checkpoint vpn isa sbs"
http://groups-beta.google.com/groups?hl=en&lr=&q=checkpoint+vpn+isa+sbs
--
Merv Porter [SBS MVP]
===================================
"Paul Pincente" <PaulPincente@discussions.microsoft.com> wrote in message
news:290073E8-0535-4935-985F-17B2FC40E40A@microsoft.com...
Thanks for the reply Merv,
Didn't quite help, not too much detail there... I actually looked around
quite a bit before I tried here, but no luck yet. Being relatively new to
ISA, I guess its time to start getting under the hood!
Thanks again,
PP
"Merv Porter [SBS-MVP]" wrote:
Hmmm... not an ISA guru, but see if this helps:
http://groups-beta.google.com/group/microsoft.public.backoffice.smallbiz2000/browse_frm/thread/5bd756f0d3a9b072/7e11bf098c77a244?q=checkpoint+vpn+isa+sbs+2003&_done=%2Fgroups%3Fhl%3Den%26lr%3D%26q%3Dcheckpoint+vpn+isa+sbs+2003%26&_doneTitle=Back+to+Search&&d#7e11bf098c77a244
--
Merv Porter [SBS MVP]
===================================
"Paul Pincente" <PaulPincente@discussions.microsoft.com> wrote in
message
news:FC5C3988-0CB9-4D62-B86D-A29B0CEC4498@microsoft.com...
Hi All,
I recently added ISA 2000 to an SBS 2003 box and I'm running into some
challenges... Browsing the Internet is OK from the client PCs, but not
from
the Macs on the network - there is only three Macs, so this isn't a
big
priority.
Before, with the basic firewall, I was able to use RWW from inside
this
particular network to connect to various other SBS Servers that I
manage,
now
that ISA has been installed I can't do that anymore - I get as far as
selecting the server to connect to, then thats it... nada.
That's still a minor problem - the big problem is that one client PC
uses
a
Check Point Secure Remote VPN Client to connect to an external server
for
a
critical business process, and since the ISA server was installed,
that
connection no longer happens. Big problem.
If there are any ISA gurus out there that have had a similar situation
and
can help or point to some resources that would help me, it would be
much
appreciated!
Failing that, does anybody know how I can 'disable' ISA, or at least
set
up
a configuration that mimics the pre-ISA basic NAT firewall so that I
can
at
least get this client connecting while I try to figure it out... or do
I
have
to uninstall ISA??
Thanks in advance gang, you all rock!
Paul
|
|
|
| Back to top |
|
|
Merv Porter [SBS-MVP]
Guest
|
| Posted:
Mon Jan 17, 2005 12:18 am Post subject:
Re: ISA and Check Point |
|
|
Well, I'm out of my element here with Checkpoint VPN. Maybe someone else
will jump in here.
--
Merv Porter [SBS MVP]
===================================
"Paul Pincente" <PaulPincente@discussions.microsoft.com> wrote in message
news:80FBFA6D-3F41-4EB5-A97B-622A3F02D7C8@microsoft.com...
3Fq%3Dcheckpoint+vpn+isa%26start%3D70%26hl%3Den%26lr%3D%26&_doneTitle=Back+t
o+Search&&d#6e4c3ce65f69bad6
| Quote: |
How to pass IPSec traffic through ISA Server
http://www.isaserver.org/articles/IPSec_Passthrough.html
SecuRemote UDP encapsulation & ISA
http://forums.isaserver.org/ultimatebb.cgi?ubb=get_topic;f=13;t=000326
General Google server: "checkpoint vpn isa sbs"
http://groups-beta.google.com/groups?hl=en&lr=&q=checkpoint+vpn+isa+sbs
--
Merv Porter [SBS MVP]
===================================
"Paul Pincente" <PaulPincente@discussions.microsoft.com> wrote in
message
news:290073E8-0535-4935-985F-17B2FC40E40A@microsoft.com...
Thanks for the reply Merv,
Didn't quite help, not too much detail there... I actually looked
around
quite a bit before I tried here, but no luck yet. Being relatively new
to
ISA, I guess its time to start getting under the hood!
Thanks again,
PP
"Merv Porter [SBS-MVP]" wrote:
Hmmm... not an ISA guru, but see if this helps:
http://groups-beta.google.com/group/microsoft.public.backoffice.smallbiz2000/browse_frm/thread/5bd756f0d3a9b072/7e11bf098c77a244?q=checkpoint+vpn+isa+sbs+2003&_done=%2Fgroups%3Fhl%3Den%26lr%3D%26q%3Dcheckpoint+vpn+isa+sbs+2003%26&_doneTitle=Back+to+Search&&d#7e11bf098c77a244
--
Merv Porter [SBS MVP]
===================================
"Paul Pincente" <PaulPincente@discussions.microsoft.com> wrote in
message
news:FC5C3988-0CB9-4D62-B86D-A29B0CEC4498@microsoft.com...
Hi All,
I recently added ISA 2000 to an SBS 2003 box and I'm running into
some
challenges... Browsing the Internet is OK from the client PCs, but
not
from
the Macs on the network - there is only three Macs, so this isn't
a
big
priority.
Before, with the basic firewall, I was able to use RWW from inside
this
particular network to connect to various other SBS Servers that I
manage,
now
that ISA has been installed I can't do that anymore - I get as far
as
selecting the server to connect to, then thats it... nada.
That's still a minor problem - the big problem is that one client
PC
uses
a
Check Point Secure Remote VPN Client to connect to an external
server
for
a
critical business process, and since the ISA server was installed,
that
connection no longer happens. Big problem.
If there are any ISA gurus out there that have had a similar
situation
and
can help or point to some resources that would help me, it would
be
much
appreciated!
Failing that, does anybody know how I can 'disable' ISA, or at
least
set
up
a configuration that mimics the pre-ISA basic NAT firewall so that
I
can
at
least get this client connecting while I try to figure it out...
or do
I
have
to uninstall ISA??
Thanks in advance gang, you all rock!
Paul
|
|
|
| Back to top |
|
|
|
|
|
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in