Solved

Using network shares always prompts for user name and password. (500 pts)

Posted on 2008-06-12
7
252 Views
Last Modified: 2008-11-17
Hi everyone,

I'm, sure there is an easy solution to this but I can't figure it out.

Setup is:
Netgear FVX538v2 firewall.
Netgear ProSafe Client VPN software.
Authentication using RADIUS (Microsoft).

We have a user who is in the domain admin group, the issue is this:

Can connect to VPN.
Can ping ip addresses and with Mode Config enabled, can ping computer names.
Can remote desktop to machines

The big problem is:
When user connects to a share or administration share i.e. c$ (via the VPN) he always gets prompted for a windows user name and password. once this info is entered, can use share. Eveytime he uses this same share or any other share, he always gets prompted for a user name and password. This is causing me a real headache!

Can you advise on anything I can do to allow the user to NOT have to always provide user name and password everytime he uses a share?

Look forward to your advice on this one!, cheers, naexpert.
0
Comment
Question by:naexpert
  • 3
  • 3
7 Comments
 
LVL 8

Expert Comment

by:RichardSlater
ID: 21769613
What is the user logging into the remote machine (client) as? a non-domain user? Don't take this as cannon by any means but wouldn't the user have to be logged in to the computer with a user that has privalages to connect to the shared... something he wouldn't need in the other test you made (ping and DNS/WINS don't require authentication, RDP is authenticated upon connection?)
0
 

Author Comment

by:naexpert
ID: 21769685
Hi Richard,

Thanks for the quick response. The user has his own small workgroup at home. Saying that, I have a test machine in my office which has it's own seperate internet connection, this is a workgroup computer also, so has no logon as such. I can replicate the same issues on this machine.

I have tried microsofts own VPN software and this all semes to work nicely allowing the user to 'log on' to the domain and this gives full domain access. You might wonder why we just don't use this, well the guy at the remote site does not want to use MS vpn software as it messes up his intent speed and his voip phone!

Hope this all makes sense? cheers, naexpert.
0
 
LVL 6

Accepted Solution

by:
Nyah247 earned 500 total points
ID: 21773197
Well...  My two cents...I would strongly encourage him to use the microsoft vpn solution.  

I am making some assumptions about your setup here but...

The reason he is probably complaining about the speeds with Microsoft ISA VPN...is that ALL his web traffic is re-directed to the ISA server over the VPN connection.  This is what you want because ISA will subject it to its rules and also inspect it for no-no's.  

What he wants is something called split-tunneling which is not secure.  He wants all the access to the corporate data but also the faster local internet connection he enjoys.  Not a secure solution...if his computer is compromised from external source it will give that source access to your corporate data over the VPN!

0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 6

Expert Comment

by:Nyah247
ID: 21773217
Here is a little info about split-tunneling:  http://www.isaserver.org/tutorials/2004fixipsectunnel.html
0
 

Author Comment

by:naexpert
ID: 21776925
Hi Nvah247,

Thanks so much for this info, very interesting. I now understand the issues raised by having a client connected to the domain network AND also connected to a potentially unsafe web connection.

The scenario I have is that the user is working ffrom home and has a hardware firewall, and is aware of all the risks regarding the web. I think in this instance, a split tunnel would be very handy.

Incidently, why do you recommend the microsoft vpn over other software vendors vpn products?

Cheers, neaxpert.
0
 

Author Comment

by:naexpert
ID: 21779886
This solution worked for us based on using Microsofts own vpn software.
0
 
LVL 6

Expert Comment

by:Nyah247
ID: 21779906
Well...  It seems to integrate better with Microsoft products.  :)
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Sophos UTM Endpoint VPN 2 49
site to site tunnel not autostarting 5 59
Which the best UTM recommended ? 2 69
DNS and NSLOOKUP 21 56
I have been asked to explain on many, many occasions the correct way to setup network cards and DNS settings on ISA Server 2004, 2006 and forefront Threat management gateway (FTMG) and have willing done so. I have also promised my self everytime tha…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now