[ previous ] [ next ] [ threads ]
 
 From:  "Jason Collins" <jason at mammothcomputers dot com>
 To:  "Willem van Dam" <willemv at setnorbyer dot com>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: Logon to windows domain over PPTP VPN?
 Date:  Fri, 22 Dec 2006 08:48:45 -0600
Hi Willem,

I've hit this error before, but it was many years ago and I don't
remember the resolution exactly.  I see on other discussion groups that
using your email address from active directory user at domain dot tld as your
username might solve the problem.  Others however point to DNS as the
culprit.  Make sure that you have your LAN DNS set to use your active
directory server for DNS and you might try putting a host file entry in
your remote workstations as well so that server.domain.tld can be
resolved to the LAN IP from now matter where they are.  Others have
suggested that persistent connections cause this problem so you might
write a simple batch file for users to run to clear any mapped drives,
etc....

You might as an alternative try IPSEC vpn with the Safenet client set to
automatically connect.  With your hosts file edited correctly (x.x.x.x
servername.fqdomain.tldn), it should automatically detect packets
destined for your remote network and connect as your user attempts to
logon. From there, behavior should be as if the remote workstation were
logged on locally.  Should be anyway.

jason

-----Original Message-----
From: Willem van Dam [mailto:willemv at setnorbyer dot com] 
Sent: Thursday, December 21, 2006 1:54 PM
To: m0n0wall at lists dot m0n0 dot ch
Subject: Logon to windows domain over PPTP VPN?

Hi list,

I'm sure this has been discussed before but I don't seem to be able to
find it in the archives. I do find a short discussion in 2004 but that
doesn't seen to solve my problem.

First is it possible to logon to a windows domain over a PPTP VPN (using
XP)?
With this I mean that the user boots his/her laptop, hits CTRL-ALT-DEL
and types his/her password and puts a check mark at "Log on using
dial-up connection".

What am I doing wrong?
The VPN authentication seem to work but when the user tries to access
anything on the network he/she is asked for a username and password.
When the user types in his/her UN and PW the following message appears:
Logon unsuccessful:
The user name you typed is the same as the username you logged in with.
That user name has already been tried.
A domain controller cannot be found to verify that user name.


I have edited the lmhosts file but this doesn't seem to do the trick.
The system keeps asking for a UN/PW.

Lmhosts:
192.168.1.252	sbb00	#PRE	#DOM:SETNORBYER
192.168.1.252	"SETNORBYER     \0x1b"

Nbtstat -c shows:
SBIR VPN:
Node IpAddress: [192.168.1.201] Scope Ib: []
  
    NetBIOS Remote Cache Name Table

 Name           Type   Host Address  Life [sec]
-----------------------------------------------
SBB00      <03> UNIQUE 192.168.1.252 -1 	
SBB00      <00> UNIQUE 192.168.1.252 -1 
SBB00      <20> UNIQUE 192.168.1.252 -1 
SETNORBYER <1C> GROUP  192.168.1.252 -1

Any help is really appreciated,

Willem van Dam