[isapros] Re: OT: Vista VPN Client Credentials
- From: "Thor (Hammer of God)" <thor@xxxxxxxxxxxxxxx>
- To: "isapros@xxxxxxxxxxxxx" <isapros@xxxxxxxxxxxxx>
- Date: Thu, 25 Jan 2007 09:34:33 -0800
Nothing. The mechanics works just fine- I VPN in, connect, and
authenticate. The ISA VPN segment properly identifies the connection as a
domain user and properly applies fw policy to the VPN segment for that user
(as I'm VPN'ed in directly to the ISA server). I can ping, RDP, telnet, etc
as one would expect. However, when it comes to silently authenticating to
network resources (CIFS shares, NTLM services, SQL integrated) the box
attempts to log on as the interactive user, not the VPN user.
I've looked at all the "downlevel" issues out there, but they are all about
the actual connection/session/encryption stuff. The actual "connection" is
fine. I just can't make Vista use the VPN credentials to access remote
resources. Bad Vista! Bad!
t
On 1/25/07 9:30 AM, "Thomas W Shinder" <tshinder@xxxxxxxxxxx> spoketh to
all:
> Dude,
>
> Do you see anything in the Event Viewer on either the VPN client or the
> target file server? Perhaps there are some references to "downlevel auth
> attacks" like I've seen with XP SP2, which I never seen adequate
> explanation of. :\
>
> Thomas W Shinder, M.D.
> Site: www.isaserver.org
> Blog: http://blogs.isaserver.org/shinder/
> Book: http://tinyurl.com/3xqb7
> MVP -- Microsoft Firewalls (ISA)
>
>
>
>> -----Original Message-----
>> From: isapros-bounce@xxxxxxxxxxxxx
>> [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Thor
>> (Hammer of God)
>> Sent: Thursday, January 25, 2007 9:08 AM
>> To: isapros@xxxxxxxxxxxxx
>> Subject: [isapros] Re: OT: Vista VPN Client Credentials
>>
>> Anyone? Bueller? Anyone?
>>
>> Is there anyone out there who is VPN'ing into a network on a
>> non-domain
>> machine with Vista? Is it time to post to the Focus-MS list???
>>
>> t
>>
>>
>> On 1/24/07 12:36 PM, "Thor (Hammer of God)"
>> <thor@xxxxxxxxxxxxxxx> spoketh
>> to all:
>>
>>> Greetings... I'm hoping this something stupid that I'm just
>> not seeing, but
>>> I'm having an issue automatically authenticating to a
>> remote network under
>>> my VPN credential in Vista (x64).
>>>
>>> With XP, on a non-domain, standalone workgroup box, I can
>> create a standard
>>> VPN client and log on to the remote network using my user
>> account on remote
>>> network domain. Though I'm logged on interactively as a
>> local user on that
>>> XP box, when I go to \\host.domain.com, my VPN credentials
>> are automatically
>>> used to access shared resources on the remote network.
>> Same thing with
>>> connecting to a remote SQL box (requiring integrated auth).
>> No problems at
>>> all with XP, been doing it for years.
>>>
>>> However, with Vista, the credentials I use to log onto the
>> remote network
>>> are NOT being used when I access resources on the remote
>> network. Browsing
>>> to the share point results in a logon box being displayed.
>> If I attempt to
>>> connect to a SQL box, it says "not a trusted connection"
>> (as it would if my
>>> local user is being used.) WTF? I've looked through and
>> set everything
>>> that I can, including setting the location as "Work" and
>> "Home." I do NOT
>>> want to have to join the box to the remote domain.
>>>
>>> Anyone know what I'm doing wrong?? Thanks.
>>> t
>>>
>>>
>>>
>>>
>>>
>>
>>
>>
>>
>>
>
>
>
Other related posts:
