Solved

mapped network drive authentication over vpn fails

Posted on 2009-07-03
4
306 Views
Last Modified: 2012-05-07
Can anyone help, i am now a bit lost to the cause of this issue.
We have several vpn connections to our main office but a couple of XP laptops have the same issue. The VPN connection is good and does work as you can remote desktop and pickup licenses from the license server, when you try to connect to a remote drive you are asked for the username and password as normal, but this does not authenticate.
I have checked the vpn tunnel using another laptop and it works fine.
Has anyone got any suggestions?
0
Comment
Question by:Tricky1974
  • 2
  • 2
4 Comments
 
LVL 5

Expert Comment

by:mkrisz
Comment Utility
What is the error message exactly what you get? If there is an authentication box, it means that you can reach the server and the only thing left is to authenticate yourself to use that resource. At the moment I have no ideas why auth fails on one machine and works on the other. Please could you be a lot more specific about your network?
0
 

Author Comment

by:Tricky1974
Comment Utility
Sorry for the lack of details.
typically the problem laptop is the boss's machine, i setup his vpn and he is using exactly the same router is i am at home (netgear dg834g) which is configured identically. When he tries to logon to a mapped network drive the authentication box appears, you enter the username and password and it goes for a few seconds and then just reappears with the password missing.
There are no errors on the screen.
I visited his house to try and sort this issue and took my laptop (FSC Vista home premium laptop) and could connect.
The only difference i can think of that may cause an issue is that his laptop is a domain member where as mine isnt, but saying that, i now have another user who is connecting to the office using the SonicWall global vpn software to connect, he is using a vista laptop too, can pickup licenses but cannot connect to mapped network drives, this is also a non domain machine.
Its all very odd and i am slightly lost to why it should be happening.
From what i have read has this anything to do with kerbos?

Any perls of wisdom would be very welcome.
0
 
LVL 5

Accepted Solution

by:
mkrisz earned 500 total points
Comment Utility
This problem is with kerberos. Non domain computers use NTLM to authenticate - and in this scenario it is successfull, however your domain computer uses kerberos in a domian enviroment. So our problem is kerberos doesn't succeed for some reson. First: Can you reach the domain controller(s) from your client? Because kerberos needs not just communicate with that machine you are authenticating to, it needs to communicate with a DC too. If you can, you could try forcing kerberos to go over TCP. This can be done by this link:
http://service1.symantec.com/SUPPORT/ent-gate.nsf/docid/2002022514582154?Open&docid=20030704145411964&nsf=local%20replicas%5CINTL%5Cent-gate-intl.nsf&view=cb9f32e879dfdfc0882568e400650f63&seg=ent

Maybe can be helpful. If not, respont plz and I'll take a deeper look at the topic.
0
 

Author Comment

by:Tricky1974
Comment Utility
OK, it will be a week or so before i can get back to you on this as i am now on holiday.
On my return i will give the information in the link a try and let you know the outcome.

In the mean time, the one thing that is confusing me is that the two laptops that have the issue, one is a member of the domain, and the other isnt, both have the issue. My laptop is not a member of the domain and works fine from both a fixed adsl vpn and when using mobile user vpn over any connection. I have also found this to work on both vista and win7. I have checked on my laptop if the parameter is set as mentioned in the link, and it isnt. So this has stumped me further, how come mine works?

Any ideas? Answers on a back of a postcard!!
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now