If this is so, there may be problems. If the VPN server needs the client to make an L2TP/IPSec connection, then it cannot happen because the ISA server is acting like a NAT server and will not be able to pass the IPSec. (See Knowledge Base article 314764.) If the VPN server requires PPTP, then you may not have the correct ports open on the ISA Server.
I don't know what guides you may have followed, and it may be that you have already changed other settings that may interfere with what you want to do.
The first step you need to take is to see if a client can access the VPN server if it does not have to go through the ISA Server. DO NOT disable the ISA Server. Instead, take a Windows XP client system and enable its built-in personal firewall. Then connect it directly to the Internet. Can the client connect to the VPN server? If it can then the problem is ISA Server.
If not, then the problem is the client configuration. If yes, then the next step is to double check the protocol. This article will tell you how to configure ISA server for outbound PPTP VPN connections from internal clients.
You may also find some help here: Connecting to a Cisco VPN through ISA server.
This was first published in October 2003