Branch Office VPN to SBS-2003

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I have an SBS-2003 Server installed with its standard Basic Firewall ...

After configuring RRAS, the Remote Windows Clients can successfully VPN the
SBS-2003 and the performace is very good ...

My delima is when I have tried to connect a Branch Office using different
VPN Routers (NetGear - LinkSys) through IPSec but was never successful ...

Also, I have followed Microsoft Guidelines in KB:816514 for configuring
IPSec Tunneling in Windows 2003 Server and did all the recommended settings
but with no luck ...

For example, the NetGear FVS124G Router VPN Log shows the following:
:: IKE phase-I negotiation started
:: IKE phase-I message not received after retries
:: Sending a Delete payload of protocol ISAKMP and Peer IP: 4568441c
:: Deleting the IsakmpSA

As seen from the above, the IKE Phase-I SA doesn't get a response and after
(5) retries, it will delete the Phase-I SA proposal before even going to
Phase-II SA ...


Is there any other steps that I need to configure on the SBS-2003
Server-side other than creating the IPSec Policy ??? ...

Appreciate your help so that I can setup this Branch Office to connect to
the SBS-2003 ...

Thanks ... Reda
 
You may want to use IP Security Monitor to troubleshoot it. Or this troubleshooting link may help,

IPSec 5. IP Security Monitor: The IP Security Monitor can be used to monitor SAs, IPSec, and IKE statistics. To start IP Security Monitor, click Start, click Run, ...
www.chicagotech.net/ipsec.htm


Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
I have an SBS-2003 Server installed with its standard Basic Firewall ....

After configuring RRAS, the Remote Windows Clients can successfully VPN the
SBS-2003 and the performace is very good ...

My delima is when I have tried to connect a Branch Office using different
VPN Routers (NetGear - LinkSys) through IPSec but was never successful ....

Also, I have followed Microsoft Guidelines in KB:816514 for configuring
IPSec Tunneling in Windows 2003 Server and did all the recommended settings
but with no luck ...

For example, the NetGear FVS124G Router VPN Log shows the following:
:: IKE phase-I negotiation started
:: IKE phase-I message not received after retries
:: Sending a Delete payload of protocol ISAKMP and Peer IP: 4568441c
:: Deleting the IsakmpSA

As seen from the above, the IKE Phase-I SA doesn't get a response and after
(5) retries, it will delete the Phase-I SA proposal before even going to
Phase-II SA ...


Is there any other steps that I need to configure on the SBS-2003
Server-side other than creating the IPSec Policy ??? ...

Appreciate your help so that I can setup this Branch Office to connect to
the SBS-2003 ...

Thanks ... Reda
 
Back
Top