ISA Firewall Site to Site VPN Quick Fix

If you’ve been trying to create a site to site VPN using 2004 ISA firewall using a pre-shared key only, I feel your pain. You’ve probably seen that it doesn’t work. The key is to not configure the pre-shared key in the Remote Site Wizard. Instead, leave the pre-shared key checkbox unchecked. Then click the VPN Clients tab in the Details pane, and click the Select Authentication Methods link on the Tasks tab in the Task Pane. On the Authentication tab in the Virtual Private Networks (VPN) dialog box, put a checkmark in the Allow customer IPSec policy for L2TP … Continue reading ISA Firewall Site to Site VPN Quick Fix

ISA Firewall Site to Site VPNs with Downlevel VPN Gateways

One of the things that drove us nuts with the 2000 ISA firewall was that problem of site to site VPNs. You could use PPTP or L2TP/IPSec to create a site to site VPN, but the problem was that most downlevel VPN gateways (PIX, Sonicwall, etc) use the less secure IPSec tunnel mode. The new ISA firewall fixes this problem with its support for IPSec tunnel mode. The problem is that each vendor has it own proprietary approach to creating a site to site VPN. Don’t worry! Microsoft has come to our recue with a bevy of very cool docs … Continue reading ISA Firewall Site to Site VPNs with Downlevel VPN Gateways