Creating a Site-to-Site VPN Between Two ISA Server 2006 SE Over a Dedicated Connection - Part 1: Using IPsec Tunnel Mode

You currently have an ISA Server 2006 SE on your network.
And you may have an existent site-to-site VPN connection, or plan to add one. For several reasons, you may like to move the existent site-to-site VPN connection over a dedicated connection(say, to buy for that a new Internet connection). Or you may want to create the new VPN tunnel over a dedicated Internet connection.

Depending on the nature of the remote VPN gateway, another ISA Server 2006 or a third-party VNP gateway, and your requirements, you need to choose between the IPsec tunnel mode VPN site-to-site connection or the L2TP/IPsec site-to-site VPN connection(I do not count PPTP, as personal, I dislike the use of it these days due to security reasons).

If you connect to a remote third-party VPN gateways, likely, your only option would be the IPsec tunnel mode VPN site-to-site connection.
If you connect to another ISA Server 2006, you may like to use, per Microsoft's recommendations, the L2TP/IPsec site-to-site VPN connection.

In this part we will establish an IPsec tunnel mode VPN site-to-site connection between two ISA Server 2006 SE SP1 installed on Windows 2003 Standard Edition R2 SP2.

The network diagram:

The lab diagram:


Comments are closed