Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 180
  • Last Modified:

Windows 2003 SBS Authentication - WIndows XP CLients

Hello All --

I have a win 2003 SBS Server w/ AD installed Exchange (in use) MS-ISA (Not in Use) and the rest of the "Family Pack"
of Microsoft Products that come with SBS 2K3


Here is my issue -

I have just configured a VPN with Netscreen NS5GT and the NetScreen Client Software -

I am able to Log in to the VPN no trouble - and ping any network address w/o issue - (internal 192.168.1.1)

I am using WIndows XP Pro clients

But I am not able to logon to the DOmain using either my account username password (domain\username) then password

or the Admnistrators account - all it does is re prompt me for the password and username

I am using a laptop which is not part of the domain.

I am trying to map a networtk drive thats all - not that special

I am however able to log on (over the vpn) to Terminal Services (running on the server)

I am also able to log on to a Workstation on the network, again mapping a network drive \\domainmemeber\share

it maps just fine -

I have encountered these "will not log onto share" period errors in the past... but have not been able to fix this one yet...


Please Advise -

Robert
0
rbollinger1212
Asked:
rbollinger1212
  • 2
1 Solution
 
harleyjdCommented:
THis is probably a furfy, but try disabling SMB signing on Group Policy Management.

In Default Domain Controller Policy

CompCon
+Windows Settings
 +Security Settings
  +Security options

set to disabled:
Domain Member: Digitally Encrypt or sign secure channel data (Always)
Microsoft Network Server: Digitally Sign Comminications (Always)
Microsoft Network Server: Digitally Sign Comminications (if client agrees)
0
 
rbollinger1212Author Commented:
Good Advice ... But Here is what I found out...


 After much toiling I discovered this...


 - I was able to access the server resources from the laptop when I plugged in to the network from the "Trust" zone.
 - I was able to ping the server over the VPN
 - Packet fragmentation was disabled on the Firewall (SO that fragmented packets could get through)
 

 Another person using a different dial up connection was able to access the VPN and map network drives over the VPN.


 Earthlink Blocks Passing Encrypted packets over there Dial-up Connections -

Earthlink allows you to establish a VPN SA.

SO you think it must be working no one is blocking anything - except that earthlink is blocking the encrypted packets.

I hate earthlink - this took 12 hours to solve...

As far as I was able to map a share to a different system, I was able to do that because encryption was turned off or at least i think so...

I went home and tried again over my T1 and sure enough I was able to map a network drive.... again... I hate earthlink...


I got this info from the NetScreen Tech Support people...


Robert
0
 
harleyjdCommented:
Far out. Well done Robert...

0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now