Post by Edoardo Benussi [MVP]se tutte le operazioni che mi hai descritto
che ti vengono impedite quando sei connesso
in vpn le esegui dalla macchina con isa server
verso la lan (ad esempio un rdp verso un client interno)
funzionano ?
Allora da ISA funziona tutto.
Comunque dopo essere un pochino impazzito sulal lettura di DHCP relay agent
e sul dummy default gateway ho solo modificato la regola dove assegno gli
indirizzi al Vpnclient e ho oslo detto di assegnargli il DNS e il WINS( ma
dall'ipconfig che facevo ieri li aveva gia' e quindi non credo abbia fatto
differenza) Poco fa ho riprovato ed ora, misteriosamente, oltre a sfogliare
le risorse da riga di comando con \\ nomeserver riesco anche ad usare RDP
che era il mio scopo.
Pertanto ti rongrazio infinitamente per la pazienza e la collaborazione ,e
sopratutto perche' hai resistito tutte le volte a scrivermi che postavo
male/(scrivo di corsa e non rileggo lo so :( -- ma lo hai pensato :)--
Solo per curiosità posto gli ipconfig e l'export della regola VPN ine mentre
sono in VPN e ... leggi alla fine per piacere se ne hai la forza...
CLIENT :
Configurazione IP di Windows
Nome host . . . . . . . . . . . . . . : PC-COLLAUDO
Suffisso DNS primario . . . . . . . :
Tipo nodo . . . . . . . . . . . . . . : Ibrido
Routing IP abilitato. . . . . . . . . : No
Proxy WINS abilitato . . . . . . . . : No
Scheda Ethernet Connessione alla rete locale (LAN):
Suffisso DNS specifico per connessione:
Descrizione . . . . . . . . . . . . . : Broadcom NetXtreme Gigabit
Ethernet
Indirizzo fisico. . . . . . . . . . . : 00-0F-FE-20-F4-25
DHCP abilitato. . . . . . . . . . . . : No
Indirizzo IP. . . . . . . . . . . . . : 213.215.133.98
Subnet mask . . . . . . . . . . . . . : 255.255.255.240
Gateway predefinito . . . . . . . . . : 213.215.133.97
Server DNS . . . . . . . . . . . . . : 213.215.129.4
212.31.224.3
Scheda PPP reisori:
Suffisso DNS specifico per connessione:
Descrizione . . . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Indirizzo fisico. . . . . . . . . . . : 00-53-45-00-00-00
DHCP abilitato. . . . . . . . . . . . : No
Indirizzo IP. . . . . . . . . . . . . : 192.168.100.37
Subnet mask . . . . . . . . . . . . . : 255.255.255.255
Gateway predefinito . . . . . . . . . : 192.168.100.37
Server DNS . . . . . . . . . . . . . : 192.168.100.2
192.168.100.3
Server WINS primario . . . . . . . . : 192.168.100.2
Server WINS secondario . . . . . . . : 192.168.100.3
SERVER ISA:
Configurazione IP di Windows
Nome host . . . . . . . . . . . . . . : orione
Suffisso DNS primario . . . . . . . . : revisori.it
Tipo nodo . . . . . . . . . . . . . . : Sconosciuto
Routing IP abilitato . . . . . . . . : Sì
Proxy WINS abilitato . . . . . . . . : Sì
Elenco di ricerca suffissi DNS. . . . : revisori.it
Scheda Ethernet COLT:
Suffisso DNS specifico per connessione:
Descrizione . . . . . . . . . . . . . : HP NC7761 Gigabit Server Adapter
Indirizzo fisico. . . . . . . . . . . : 00-12-79-92-F0-35
DHCP abilitato. . . . . . . . . . . . : No
Indirizzo IP. . . . . . . . . . . . . : 213.215.133.104
Subnet mask . . . . . . . . . . . . . : 255.255.255.240
Indirizzo IP. . . . . . . . . . . . . : 213.215.133.103
Subnet mask . . . . . . . . . . . . . : 255.255.255.240
Indirizzo IP. . . . . . . . . . . . . : 213.215.133.102
Subnet mask . . . . . . . . . . . . . : 255.255.255.240
Indirizzo IP. . . . . . . . . . . . . : 213.215.133.101
Subnet mask . . . . . . . . . . . . . : 255.255.255.240
Indirizzo IP. . . . . . . . . . . . . : 213.215.133.100
Subnet mask . . . . . . . . . . . . . : 255.255.255.240
Gateway predefinito . . . . . . . . . : 213.215.133.97
Scheda Ethernet Connessione alla rete locale (LAN):
Suffisso DNS specifico per connessione:
Descrizione . . . . . . . . . . . . . : HP NC7771 Gigabit Server Adapter
Indirizzo fisico. . . . . . . . . . . : 00-15-60-8A-B1-DB
DHCP abilitato. . . . . . . . . . . . : No
Indirizzo IP. . . . . . . . . . . . . : 192.168.100.1
Subnet mask . . . . . . . . . . . . . : 255.255.255.0
Gateway predefinito . . . . . . . . . :
Server DNS . . . . . . . . . . . . . : 192.168.100.2
192.168.100.3
Server WINS primario . . . . . . . . : 192.168.100.2
Server WINS secondario . . . . . . . : 192.168.100.3
xml version="1.0" encoding="UTF-8" ?>
- <fpc4:Root xmlns:fpc4="http://schemas.microsoft.com/isa/config-4"
xmlns:dt="urn:schemas-microsoft-com:datatypes" StorageName="FPC"
StorageType="0">
<fpc4:Build dt:dt="string">4.0.2165.594</fpc4:Build>
<fpc4:Comment dt:dt="string" />
<fpc4:Edition dt:dt="int">80</fpc4:Edition>
<fpc4:ExportItemClassCLSID
dt:dt="string">{78BC57B4-CD40-4267-8FFC-C62617E48B1F}</fpc4:ExportItemClassCLSID>
<fpc4:ExportItemStorageName
dt:dt="string">VpnConfig</fpc4:ExportItemStorageName>
<fpc4:IsaXmlVersion dt:dt="string">1.10</fpc4:IsaXmlVersion>
<fpc4:OptionalData dt:dt="int">4</fpc4:OptionalData>
<fpc4:Upgrade dt:dt="boolean">0</fpc4:Upgrade>
- <fpc4:Arrays StorageName="Arrays" StorageType="0">
- <fpc4:Array StorageName="{71C8080F-D93E-48EB-B431-F391643AD884}"
StorageType="0">
<fpc4:Components dt:dt="int">-1</fpc4:Components>
<fpc4:Name dt:dt="string" />
- <fpc4:NetConfig StorageName="NetConfig" StorageType="0">
- <fpc4:VpnConfig StorageName="VpnConfig" StorageType="1">
<fpc4:VpnBackupDNSServer
dt:dt="string">192.168.100.3</fpc4:VpnBackupDNSServer>
<fpc4:VpnBackupWINSServer
dt:dt="string">192.168.100.3</fpc4:VpnBackupWINSServer>
<fpc4:VpnEnable dt:dt="boolean">1</fpc4:VpnEnable>
<fpc4:VpnEnableRADIUSAccounting
dt:dt="boolean">0</fpc4:VpnEnableRADIUSAccounting>
<fpc4:VpnEnableRADIUSAuthentication
dt:dt="boolean">0</fpc4:VpnEnableRADIUSAuthentication>
<fpc4:VpnEnableWindowsAccounting
dt:dt="boolean">0</fpc4:VpnEnableWindowsAccounting>
<fpc4:VpnMaximumClients dt:dt="int">2</fpc4:VpnMaximumClients>
<fpc4:VpnPrimaryDNSServer
dt:dt="string">192.168.100.2</fpc4:VpnPrimaryDNSServer>
<fpc4:VpnPrimaryWINSServer
dt:dt="string">192.168.100.2</fpc4:VpnPrimaryWINSServer>
<fpc4:VpnUseDHCPForDNS dt:dt="boolean">0</fpc4:VpnUseDHCPForDNS>
<fpc4:VpnUseDHCPForWINS dt:dt="boolean">0</fpc4:VpnUseDHCPForWINS>
<fpc4:IpRangeSet StorageName="VpnStaticAddressPool" StorageType="1" />
- <fpc4:VpnPPPSettings StorageName="VpnPPPSettings" StorageType="1">
<fpc4:VpnPPPEnableMSCHAPv2 dt:dt="boolean">1</fpc4:VpnPPPEnableMSCHAPv2>
</fpc4:VpnPPPSettings>
<fpc4:Refs StorageName="SourceNetworkSets" StorageType="1" />
- <fpc4:Refs StorageName="VpnNetworksToListenOn" StorageType="1">
- <fpc4:Ref StorageName="{DDBB125A-BF5B-44C5-8A58-93283CBDA04E}"
StorageType="1">
<fpc4:Name
dt:dt="string">{F129EACF-778B-44FE-B339-5B752D7220A3}</fpc4:Name>
<fpc4:RefClass dt:dt="string">msFPCNetwork</fpc4:RefClass>
</fpc4:Ref>
</fpc4:Refs>
- <fpc4:Ref StorageName="NetworkToObtainDHCP" StorageType="1">
<fpc4:Name
dt:dt="string">{4E32B556-0FAF-4A27-9111-085F679EDC9B}</fpc4:Name>
<fpc4:RefClass dt:dt="string">msFPCNetwork</fpc4:RefClass>
</fpc4:Ref>
<fpc4:VpnQuarantineSettings StorageName="VpnQuarantineSettings"
StorageType="1" />
- <fpc4:Accounts StorageName="Access" StorageType="1">
- <fpc4:Account StorageName="REVISORI-VPNClients" StorageType="1">
<fpc4:AccountSid
dt:dt="string">S-1-5-21-1133105797-2650838172-548735355-1157</fpc4:AccountSid>
<fpc4:AccountType dt:dt="int">1</fpc4:AccountType>
</fpc4:Account>
</fpc4:Accounts>
<fpc4:UserMapping StorageName="UserMapping" StorageType="1" />
</fpc4:VpnConfig>
- <fpc4:Networks StorageName="Networks" StorageType="0">
- <fpc4:Network StorageName="{F129EACF-778B-44FE-B339-5B752D7220A3}"
StorageType="2">
<fpc4:Description dt:dt="string">Built-in network object representing the
Internet.</fpc4:Description>
<fpc4:Name dt:dt="string">External</fpc4:Name>
<fpc4:NetworkType dt:dt="int">3</fpc4:NetworkType>
- <fpc4:WebListenerProperties StorageName="WebListenerProperties"
StorageType="2">
<fpc4:SSLPort dt:dt="int">0</fpc4:SSLPort>
<fpc4:TCPPort dt:dt="int">8080</fpc4:TCPPort>
<fpc4:AppliedSSLCertificates StorageName="AppliedSSLCertificates"
StorageType="2" />
</fpc4:WebListenerProperties>
</fpc4:Network>
- <fpc4:Network StorageName="{4E32B556-0FAF-4A27-9111-085F679EDC9B}"
StorageType="2">
<fpc4:Description dt:dt="string">Network representing the internal
network.</fpc4:Description>
<fpc4:EnableFirewallClients dt:dt="boolean">1</fpc4:EnableFirewallClients>
<fpc4:EnableWebProxyClients dt:dt="boolean">1</fpc4:EnableWebProxyClients>
<fpc4:Name dt:dt="string">Internal</fpc4:Name>
<fpc4:NetworkType dt:dt="int">4</fpc4:NetworkType>
- <fpc4:IpRangeSet StorageName="IpRangeSet" StorageType="2">
- <fpc4:IpRangeEntry StorageName="{7D752348-93C5-450A-8F55-FB6ED1158182}"
StorageType="2">
<fpc4:IPFrom dt:dt="string">192.168.100.0</fpc4:IPFrom>
<fpc4:IPTo dt:dt="string">192.168.100.255</fpc4:IPTo>
</fpc4:IpRangeEntry>
</fpc4:IpRangeSet>
- <fpc4:WebListenerProperties StorageName="WebListenerProperties"
StorageType="2">
<fpc4:SSLPort dt:dt="int">0</fpc4:SSLPort>
<fpc4:TCPPort dt:dt="int">8080</fpc4:TCPPort>
<fpc4:AppliedSSLCertificates StorageName="AppliedSSLCertificates"
StorageType="2" />
</fpc4:WebListenerProperties>
</fpc4:Network>
</fpc4:Networks>
</fpc4:NetConfig>
</fpc4:Array>
</fpc4:Arrays>
</fpc4:Root>
GRAZIE ANCORA!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!11
Ciao EDO :)
Ciao Sergio