AIUI this is actually a case of establishing the IPSEC tunnel between the Windows box using the OS first and then configuring the ruleset in ISA to permit the connection.
MS has a decent whitepaper on how to configure IPsec tunneling at http://support.microsoft.com/default.aspx?scid=http://support.microsoft.com: 80/support/kb/articles/Q252/7/35.ASP&NoWebContent=1 (Q252735) Configuring ISA is the regular old messing with the ruleset. My advice is to get IPsec working without ISA involved and then overlay ISA on top of it. That will at least let you know whether the problem is with the IPsec or with ISA. You might also want to check at www.isaserver.org for some ISA specific examples of IPsec. Good luck. Wes Noonan [EMAIL PROTECTED] http://www.wjnconsulting.com > -----Original Message----- > From: Mailing list for discussion of Firewall-1 [mailto:FW-1- > [EMAIL PROTECTED] On Behalf Of Monetti Gabriele > Sent: Tuesday, December 09, 2003 10:59 > To: [EMAIL PROTECTED] > Subject: [FW-1] R: [FW-1] Checkpoint and MS ISA tunnel > > > -----Messaggio originale----- > > Da: Michael Schwartzkopff [mailto:[EMAIL PROTECTED] > > Inviato: marted� 9 dicembre 2003 17.27 > > A: [EMAIL PROTECTED] > > Oggetto: [FW-1] Checkpoint and MS ISA tunnel > > > > > > Hi, > > > > anybody established a IKE/IPSEC tunnel between Checkpoint NG > > and Microsoft ISA > > "Firewall"? Thanks for any hint. > > > > I tried, but with no luck. > Using RRAS in Windows Server 2003 I've been able to establish a demand- > dial connection using L2TP/IPSec to CheckPoint NGFP3 to serve my clients, > but I think that this connection is not compatible with ISA on the same > machine. > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
