I have a Forefront TMG running, but I can't use a VPN to another site
(running Win Server 2003 RRAS). I use PPTP to connect to the other site. At
first I thought that the rule I created for this was not good, so I created a
temp rule with all outbound traffic allowed. This works; now I see in my logs
that the PPTP traffic is allowed, but the VPN connection still fails with
error 619.
After some investigation I found out that there is traffic coming back from
the VPN server, but this is blocked with the following error:
Denied Connection DEIL-TMG01 28-6-2010 21:14:56
Log type: Firewall service
Status: A non-SYN packet was dropped because it was sent by a source that
does not have an established connection with the Forefront TMG computer.
Rule: None - see Result Code
Source: External (xxx.xxx.xxx.xx:1723)
Destination: Local Host (10.0.0.1:61593)
Protocol: Unidentified IP Traffic (TCP:61593)
Additional information
Number of bytes sent: 0 Number of bytes received: 0
Processing time: 0ms Original Client IP: xxx.xxx.xxx.xx
IP address 10.0.0.1 is the Internet site of the Firewall.
I hope someone can help me with this problem.
Regards,
Eelco