RE: DNS pass through in VPN

  • From: "MJ" <mjtech@xxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Sun, 12 Mar 2006 21:52:42 -0500

All I can say is:

Punch of idiots

Therefore I am leaving this sick list because I am not an idiot and will
never be

-----Original Message-----
From: Taps [mailto:Taps@xxxxxxxxxxxx]
Sent: Sunday, March 12, 2006 9:36 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: DNS pass through in VPN

http://www.ISAserver.org

Line 5 tells me this is an Authentication issue.  Even when bypassing
DNS by not going to \\ServerName\ShareExample and using the IP address
it still asks him to autheticate.  If he was logged into his computer as
a domain user, whether it be via cached credentials or by choosing to
login via dialup, it shoudln't ask him for this at all.

I will assume that this is what is considered to be the "DNS Pass
through" problem although it doesn't appear to be.

As for the rest of his post....  There was no mention of any DNS issues
except for the subject.  But when compared to the details of the
problem, the subject might as well stated "The muffler on my yugo smells
like old cheese".

--




Taps@xxxxxxxxxxxx
http://Taps.Iniquity.Org
-  "What spirit is so empty and blind, that it cannot recognize the fact
that the foot is more noble than the shoe, and skin more beautiful than
the garment with which it is clothed?" -- Michaelangelo

Build a man a fire, and he'll be warm for a day. Set a man on fire, and
he'll be warm for the rest of his life. -- Terry Pratchett





> -----Original Message-----
> From: MJ [mailto:mjtech@xxxxxxxxx]
> Sent: Sunday, March 12, 2006 7:21 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: DNS pass through in VPN
>
> http://www.ISAserver.org
>
> Why do you have shorten your favorite words (WTF), instead
> type them as they are, and I promise you won't have any
> problems because this the main problem of this list.
>
> 1. I have a Windows 2000 Server with ISA 2004 installed. I have.
> 2. Setup VPN for outside clients. However when they connect to.
> 3. The VPN, there are no longer able to access shared resources.
> 4. On the domain. They are able to if you go START, RUN.
> 5. \\192.168.X.X\ShareExample it prompts for the network.
> 6. Password and then allows access. However if this drive was.
>
>
> What does line 5 tell?
>
> Also if you're using logon scripts to map network drive, then
> at the command prompt run net use and see what's mapped?
>
> Some times you find mapped drives without letters and those
> need to be deleted for mapped network drives to work.
>
>
> I am so sorry that you have to deal with your self for the
> rest of you life :(
>
>
>
>
>
> -----Original Message-----
> From: Thor (Hammer of God) [mailto:Thor@xxxxxxxxxxxxxxx]
> Sent: Sunday, March 12, 2006 7:07 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: DNS pass through in VPN
>
> http://www.ISAserver.org
>
> "All the nonsense answers?"  WTF are you talking about?
> Steve's one "rubbish" post?  We're asking the guy how he
> connects to the VPN.
> The caveats of user context and logon method are absolutely
> valid questions for the people who are trying to help to ask.
>
> You're the one who said it was a name resolution problem- I
> think we should hear that from the OP, don't you?  You may be
> causing misinformation without knowing it.
>
> I'm sorry if this bores you, but we're still trying to find
> out what the real problem is.  If that is "high school" to
> you, then I think that's something you have to deal with.
> I'm just trying to help.
> Regarding respect, I don't think it is appropriate for you to
> bust on the questions I'm asking when I'm taking time out of
> my Sunday to help other people, particularly in the absence
> of any supportive posts from you.
>
> t
>
>
>
> On Mar 12, 2006, at 3:37 PM, MJ wrote:
>
> > http://www.ISAserver.org
> >
> > Who asked this question in the first place?
> >
> > Looks like he already gave it up on all of these nonsense answers.
> >
> > There is no way for any of us to tell what the problem is from the
> > information provided, but we can point to reason that could
> possibly
> > cause such a problem.
> >
> > If we'll start repeating the same things over and over and
> over then
> > it needs to stop.
> >
> > Also we need some respect in this list. It's starting to feel like
> > high school
> >
> > -----Original Message-----
> > From: Thor (Hammer of God) [mailto:Thor@xxxxxxxxxxxxxxx]
> > Sent: Sunday, March 12, 2006 6:30 PM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: DNS pass through in VPN
> >
> > http://www.ISAserver.org
> >
> > This is a public list.  We'll talk about whatever we choose to talk
> > about.  If you don't like it, then ignore them.
> >
> > I've read through the entire thread, and I don't see any
> information
> > at all back from the OP.  Who knows what the problem is?  THAT is
> > THAT!
> >
> > t
> >
> > On Mar 12, 2006, at 3:17 PM, MJ wrote:
> >
> >> http://www.ISAserver.org
> >>
> >> Can we please stop talking about this topic?
> >>
> >> There is a name resolution problem and a credentials problem.
> >>
> >> This is it.
> >>
> >> Thanks
> >>
> >> -----Original Message-----
> >> From: Thor (Hammer of God) [mailto:Thor@xxxxxxxxxxxxxxx]
> >> Sent: Sunday, March 12, 2006 6:12 PM
> >> To: [ISAserver.org Discussion List]
> >> Subject: [isalist] RE: DNS pass through in VPN
> >>
> >> http://www.ISAserver.org
> >>
> >> Correct - it is not the same.  Setting application and such is
> >> bypassed, as are "logon scripts," but it much faster and
> provides the
> >> same functions.
> >>
> >> Not that any of that matters here ;)
> >>
> >> t
> >>
> >> On Mar 12, 2006, at 2:56 PM, Jim Harrison wrote:
> >>
> >>> http://www.ISAserver.org
> >>>
> >>> Absolutame'
> >>> Still not the same as "logon via dial-up", tho...
> >>>
> >>> -----Original Message-----
> >>> From: Thor (Hammer of God) [mailto:Thor@xxxxxxxxxxxxxxx]
> >>> Sent: Sunday, March 12, 2006 2:11 PM
> >>> To: [ISAserver.org Discussion List]
> >>> Subject: [isalist] RE: DNS pass through in VPN
> >>>
> >>> http://www.ISAserver.org
> >>>
> >>> Right, but when you then connect up to the VPN, you're
> authenticated
> >>> as a domain user, and the pass-through creds access
> domain resources
> >>> as they normally would.  Network services and machine context can
> >>> also access the domain.
> >>>
> >>> t
> >>>
> >>> On Mar 12, 2006, at 1:38 PM, Jim Harrison wrote:
> >>>
> >>>> http://www.ISAserver.org
> >>>>
> >>>> They're not logging into the domain - they're logging onto the
> >>>> local machine using the cached domain profile.
> >>>> ..much different context.
> >>>>
> >>>> -----Original Message-----
> >>>> From: Taps [mailto:Taps@xxxxxxxxxxxx]
> >>>> Sent: Sunday, March 12, 2006 1:23 PM
> >>>> To: [ISAserver.org Discussion List]
> >>>> Subject: [isalist] RE: DNS pass through in VPN
> >>>>
> >>>> http://www.ISAserver.org
> >>>>
> >>>> Are you certain about this?  I have remote users that log onto
> >>>> their machines while disconnected from the VPN (Using cached
> >>>> credentials of course), and then when they connect to
> the VPN they
> >>>> have full access to their shares.  It doesn't run their login
> >>>> scripts for them, but it does allow them access wihtout retyping
> >>>> user info.
> >>>>
> >>>> --
> >>>>
> >>>>
> >>>>
> >>>>
> >>>> Taps@xxxxxxxxxxxx
> >>>> http://Taps.Iniquity.Org
> >>>> -  "What spirit is so empty and blind, that it cannot
> recognize the
> >>>> fact that the foot is more noble than the shoe, and skin more
> >>>> beautiful than the garment with which it is clothed?" --
> >>>> Michaelangelo
> >>>>
> >>>> Build a man a fire, and he'll be warm for a day. Set a
> man on fire,
> >>>> and he'll be warm for the rest of his life. -- Terry Pratchett
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>> -----Original Message-----
> >>>>> From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
> >>>>> Sent: Sunday, March 12, 2006 3:17 PM
> >>>>> To: [ISAserver.org Discussion List]
> >>>>> Subject: [isalist] RE: DNS pass through in VPN
> >>>>>
> >>>>> http://www.ISAserver.org
> >>>>>
> >>>>> Hi Leonardo,
> >>>>>
> >>>>> You must log on via dial-up networking if you want to
> log into the
> >>>>> domain. Works the same for all VPN clients.
> >>>>>
> >>>>> HTH,
> >>>>> Tom
> >>>>> Thomas W Shinder, M.D.
> >>>>> Site: www.isaserver.org <http://www.isaserver.org/>
> >>>>> Blog: http://blogs.isaserver.org/shinder/
> >>>>> Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> MVP
> >>>>> -- ISA Firewalls
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>> ________________________________
> >>>>>
> >>>>>     From: Leonardo Lazcarez [mailto:LLazcare@xxxxxxxxxxx]
> >>>>>     Sent: Sunday, March 12, 2006 2:00 PM
> >>>>>     To: [ISAserver.org Discussion List]
> >>>>>     Subject: RE: [isalist] RE: DNS pass through in VPN
> >>>>>
> >>>>>
> >>>>>
> >>>>>     Joel,
> >>>>>
> >>>>>     You have to find a way to log onto the domain AFTER the VPN
> >>>>> connection is established. That's why you can't see the network
> >>>>> neighborhood.
> >>>>>
> >>>>>     Cisco VPN clients have a setting that allows that.
> I haven't
> >>>>> tried it on Microsoft VPN clients and I'm not sure if it's even
> >>>>> supported.
> >>>>>
> >>>>> ________________________________
> >>>>>
> >>>>>     From: Chris Patterson [mailto:cpatterson@xxxxxxxxxxxx]
> >>>>>     Sent: Sun 3/12/2006 12:48 PM
> >>>>>     To: [ISAserver.org Discussion List]
> >>>>>     Subject: [isalist] RE: DNS pass through in VPN
> >>>>>
> >>>>>
> >>>>>
> >>>>>     http://www.ISAserver.org
> >>>>>
> >>>>>     Are the users using domain usernames before they connect to
> >>>>> the VPN?
> >>>>>     Meaning are they logged into thei rlocal machine as
> a domain
> >>>>> user?
> >>>>>
> >>>>>     And what does this have to do with DNS?
> >>>>>
> >>>>>     How is the drive mapped?  By IP/HostName/FQDN?
> >>>>>
> >>>>>
> >>>>>     --
> >>>>>
> >>>>>     Chris Patterson
> >>>>>     Network Administrator
> >>>>>     Cpatterson@xxxxxxxxxxxx
> >>>>>     Http://Www.AxiomSys.Com
> >>>>>     - The Truth Is Out There... Go Find It  ( Http://www.
> >>>>> 2600.com )
> >>>>>
> >>>>>
> >>>>>
> >>>>>> -----Original Message-----
> >>>>>> From: Joel [mailto:jhansen1@xxxxxxxxxxxxx]
> >>>>>> Sent: Friday, March 10, 2006 1:07 PM
> >>>>>> To: [ISAserver.org Discussion List]
> >>>>>> Subject: [isalist] DNS pass through in VPN
> >>>>>>
> >>>>>> http://www.ISAserver.org
> >>>>>>
> >>>>>> I have a Windows 2000 Server with ISA 2004 installed. I have
> >>>>>> setup VPN for outside clients. However when they
> connect to the
> >>>>>> VPN, there are no longer able to access shared
> resources on the
> >>>>>> domain. They are able to if you go START, RUN,
> >>>>>> \\192.168.X.X\ShareExample it prompts for the network password
> >>>>>> and then allows access. However if this drive was mapped, it
> >>>>>> would not allow you to access it. Any ideas?
> >>>>>>
> >>>>>> ------------------------------------------------------
> >>>>>> List Archives:
> >>>>> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> >>>>>> ISA Server Newsletter:
> >>>>> http://www.isaserver.org/pages/newsletter.asp
> >>>>>> ISA Server FAQ:
> >>>>> http://www.isaserver.org/pages/larticle.asp?type=FAQ
> >>>>>> ------------------------------------------------------
> >>>>>> Visit TechGenix.com for more information about our
> >>>>> other sites:
> >>>>>> http://www.techgenix.com
> >>>>>> ------------------------------------------------------
> >>>>>> You are currently subscribed to this ISAserver.org Discussion
> >>>>>> List as: CPatterson@xxxxxxxxxxxx To unsubscribe visit
> >>>>>> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> >>>>>> Report abuse to listadmin@xxxxxxxxxxxxx
> >>>>>>
> >>>>>
> >>>>>     ------------------------------------------------------
> >>>>>     List Archives:
> >>>>> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> >>>>>     ISA Server Newsletter:
> >>>>> http://www.isaserver.org/pages/newsletter.asp
> >>>>>     ISA Server FAQ:
> >>>>> http://www.isaserver.org/pages/larticle.asp?type=FAQ
> >>>>>     ------------------------------------------------------
> >>>>>     Visit TechGenix.com for more information about our other
> >>>>> sites:
> >>>>>     http://www.techgenix.com
> >>>>>     ------------------------------------------------------
> >>>>>     You are currently subscribed to this ISAserver.org
> Discussion
> >>>>> List as: llazcare@xxxxxxxxxxx
> >>>>>     To unsubscribe visit
> >>>>> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> >>>>>     Report abuse to listadmin@xxxxxxxxxxxxx
> >>>>>
> >>>>>
> >>>>> ------------------------------------------------------
> >>>>> List Archives:
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> >>>>> ISA Server Newsletter: http://www.isaserver.org/pages/
> >>>>> newsletter.asp ISA Server FAQ:
> >>>>> http://www.isaserver.org/pages/larticle.asp?
> >>>>> type=FAQ
> >>>>> ------------------------------------------------------
> >>>>> Visit TechGenix.com for more information about our other sites:
> >>>>> http://www.techgenix.com
> >>>>> ------------------------------------------------------
> >>>>> You are currently subscribed to this ISAserver.org
> Discussion List
> >>>>> as: IsaList@xxxxxxxxxxxxxxxxxxxxxx To unsubscribe visit
> >>>>> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> >>>>> Report abuse to listadmin@xxxxxxxxxxxxx
> >>>>>
> >>>>
> >>>> ------------------------------------------------------
> >>>> List Archives:
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> >>>> ISA Server Newsletter: http://www.isaserver.org/pages/
> >>>> newsletter.asp ISA Server FAQ:
> >>>> http://www.isaserver.org/pages/larticle.asp?
> >>>> type=FAQ
> >>>> ------------------------------------------------------
> >>>> Visit TechGenix.com for more information about our other sites:
> >>>> http://www.techgenix.com
> >>>> ------------------------------------------------------
> >>>> You are currently subscribed to this ISAserver.org
> Discussion List
> >>>> as:
> >>>> jim@xxxxxxxxxxxx
> >>>> To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?
> >>>> enter=isalist
> >>>> Report abuse to listadmin@xxxxxxxxxxxxx
> >>>>
> >>>> All mail to and from this domain is GFI-scanned.
> >>>>
> >>>>
> >>>> ------------------------------------------------------
> >>>> List Archives:
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> >>>> ISA Server Newsletter: http://www.isaserver.org/pages/
> >>>> newsletter.asp ISA Server FAQ:
> >>>> http://www.isaserver.org/pages/larticle.asp?
> >>>> type=FAQ
> >>>> ------------------------------------------------------
> >>>> Visit TechGenix.com for more information about our other sites:
> >>>> http://www.techgenix.com
> >>>> ------------------------------------------------------
> >>>> You are currently subscribed to this ISAserver.org
> Discussion List
> >>>> as: thor@xxxxxxxxxxxxxxx
> >>>> To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?
> >>>> enter=isalist
> >>>> Report abuse to listadmin@xxxxxxxxxxxxx
> >>>>
> >>>>
> >>>
> >>>
> >>> ------------------------------------------------------
> >>> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> >>> ISA Server Newsletter:
> http://www.isaserver.org/pages/newsletter.asp
> >>> ISA Server FAQ:
> http://www.isaserver.org/pages/larticle.asp?type=FAQ
> >>> ------------------------------------------------------
> >>> Visit TechGenix.com for more information about our other sites:
> >>> http://www.techgenix.com
> >>> ------------------------------------------------------
> >>> You are currently subscribed to this ISAserver.org Discussion List
> >>> as:
> >>> jim@xxxxxxxxxxxx
> >>> To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?
> >>> enter=isalist
> >>> Report abuse to listadmin@xxxxxxxxxxxxx
> >>>
> >>> All mail to and from this domain is GFI-scanned.
> >>>
> >>>
> >>> ------------------------------------------------------
> >>> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> >>> ISA Server Newsletter:
> http://www.isaserver.org/pages/newsletter.asp
> >>> ISA Server FAQ:
> http://www.isaserver.org/pages/larticle.asp?type=FAQ
> >>> ------------------------------------------------------
> >>> Visit TechGenix.com for more information about our other sites:
> >>> http://www.techgenix.com
> >>> ------------------------------------------------------
> >>> You are currently subscribed to this ISAserver.org Discussion List
> >>> as: thor@xxxxxxxxxxxxxxx
> >>> To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?
> >>> enter=isalist
> >>> Report abuse to listadmin@xxxxxxxxxxxxx
> >>>
> >>>
> >>
> >>
> >> ------------------------------------------------------
> >> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> >> ISA Server Newsletter:
> http://www.isaserver.org/pages/newsletter.asp
> >> ISA Server FAQ:
> http://www.isaserver.org/pages/larticle.asp?type=FAQ
> >> ------------------------------------------------------
> >> Visit TechGenix.com for more information about our other sites:
> >> http://www.techgenix.com
> >> ------------------------------------------------------
> >> You are currently subscribed to this ISAserver.org Discussion List
> >> as:
> >> mjtech@xxxxxxxxx
> >> To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?
> >> enter=isalist
> >> Report abuse to listadmin@xxxxxxxxxxxxx
> >>
> >>
> >> ------------------------------------------------------
> >> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> >> ISA Server Newsletter:
> http://www.isaserver.org/pages/newsletter.asp
> >> ISA Server FAQ:
> http://www.isaserver.org/pages/larticle.asp?type=FAQ
> >> ------------------------------------------------------
> >> Visit TechGenix.com for more information about our other sites:
> >> http://www.techgenix.com
> >> ------------------------------------------------------
> >> You are currently subscribed to this ISAserver.org Discussion List
> >> as: thor@xxxxxxxxxxxxxxx
> >> To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?
> >> enter=isalist
> >> Report abuse to listadmin@xxxxxxxxxxxxx
> >>
> >>
> >
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org
> Discussion List as:
> > mjtech@xxxxxxxxx
> > To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?
> > enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion List
> > as: thor@xxxxxxxxxxxxxxx
> > To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?
> > enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> >
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> mjtech@xxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion
> List as: IsaList@xxxxxxxxxxxxxxxxxxxxxx To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
mjtech@xxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx



Other related posts: