Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

VPN users authenticate as guests for network resources.

Posted on 2004-08-12
3
227 Views
Last Modified: 2010-04-19
Hi,
I am running windows 2003 server and have VPN setup on a machine, Users can access VPN, connect to our outbound internet and access our internal resources, however they are authenticated as Guests and thus have limited access to network resources.  What is happening here.  

This is the second time this problem has occurred.  
Once on windows 2000
and another time on windows XP

Both PC's do not have a (login)password set.

I want to allow these individuals to connect without requireing them to change thier username/password to match our internal network.
0
Comment
Question by:JakeWSYSA
  • 2
3 Comments
 
LVL 1

Expert Comment

by:012Uvongo
ID: 11791032

Hey mate

Your VPN server is it a standalone server? How do users obtain an IP address through the RRAS server or through the DHCP server?

Have you tried IAS?

Internet Authentication Service (IAS) in Microsoft® Windows Server 2003, Standard Edition; Windows Server 2003, Enterprise Edition; and Windows Server 2003, Datacenter Edition is the Microsoft implementation of a Remote Authentication Dial-in User Service (RADIUS) server and proxy. As a RADIUS server, IAS performs centralized connection authentication, authorization, and accounting for many types of network access including wireless, authenticating switch, and remote access dial-up and virtual private network (VPN) connections. As a RADIUS proxy, IAS forwards authentication and accounting messages to other RADIUS servers

You can configure IAS in Windows Server 2003, Standard Edition, with a maximum of 50 RADIUS clients and a maximum of 2 remote RADIUS server groups. You can define a RADIUS client using a fully qualified domain name or an IP address, but you cannot define groups of RADIUS clients by specifying an IP address range. If the fully qualified domain name of a RADIUS client resolves to multiple IP addresses, the IAS server uses the first IP address returned in the DNS query. With IAS in Windows Server 2003, Enterprise Edition, and Windows Server 2003, Datacenter Edition, you can configure an unlimited number of RADIUS clients and remote RADIUS server groups. In addition, you can configure RADIUS clients by specifying an IP address range.

0
 
LVL 1

Author Comment

by:JakeWSYSA
ID: 11794455
So, in my senario. I have volunteer administers that need access to corporate resources.  They dial-in using vpn and are authenticated.  The Users that have identical windows username/passwords set can access resources, however the users that have no username/passwords matching thier coroporate passwords get logged in as guest.  I have IAS already installed and one rule is listed and i believe this could be my problem.

"Use Windows authentication for all users"

In the case of the remote users I would rather use thier VPN username/password for local resources.  I tried adding a rule but it didn't work well, please help.

0
 
LVL 1

Accepted Solution

by:
012Uvongo earned 50 total points
ID: 11818118
0

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Windows Server 2003 - GPO - User account with No password 8 48
GPO Access denied in AD 12 52
Forcibly removing a 2003 server from the Domain 4 54
Enterprise Mode 4 46
by Batuhan Cetin Within the dynamic life of an IT administrator, we hold many information in our minds like user names, passwords, IDs, phone numbers, incomes, service tags, bills and the order from our wives to buy milk when coming back to home.…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question