
Domain users across VPN can ping server but not connect to shared drives

Recently installed OpenVPN, which is part of our Untangle UTM gateway for the site. The VPN connects and works as far as being able to ping any machine in the network, browse an internal IP for a web app, or even RDP to other servers in the network.

When you try to connect to a server that has file shares on it we get (ipx.x.x.x\shared The system detected a possible attempt to compromise security. Please ensure that you contact the server that authenticated you.)

The VPN is launched after the user logs in to a domain profile on the laptop they are working from.  I do not know if this is an issue that the system does not think that the user is authenticated or what?

We have deleted the drive maps from the individual machine and tried to put them back in, but since we cannot connect the system will not allow us to put them in.

With a Start > Run to \\ip.x.x.x.\shared the system asks for a username and password. Using proper domain credentials it will not connect.

For testing I logged off the domain user and then onto the machine as a local account Administrator and tested, and it all worked fine. When connecting to the ipx.x.x.x\shared from the RUN command it asked for a username and password. Gave it the same domain user's account credentials as above and it worked. Shares work, the whole 9 yards.

What is blocking or keeping this from coming through?  I have another client with the exact same setup just different domain and it works perfectly.

There have been nothing but problems from the get-go with this new client: DEAD Exchange server, BAD BDC that died and was not removed, same with the old Exchange server not being removed, upgraded Exchange 2003 to 2010 but none of the add-on options or databases were upgraded, etc. Exchange was moved to an outsourced solution, BDC removed properly, and cleanup of AD etc. I have done everything short of recreating the domain from scratch. DCDIAG shows no errors for the domain.

Open to any and all suggestions.

Asked: X-spook
 
databoks Commented:
Looks like you are accessing a share on a different domain - if so, is there a trust between these two domains?
 
X-spook (Author) Commented:
Only the one domain listed in the DNS server. When I searched I read that too and was puzzled as to why the machine would think that it is trying to access another domain other than the parent. No child domains.
 
databoks Commented:
Fine. So no other domains. And it does work with an administrator account?
 
X-spook (Author) Commented:
Did not work with the admin account either. The only account that would work is a non-domain account on the local machine.

I found the problem.  MS VPN was enabled at one time on the 2003 PDC and there was a loopback adapter enabled.  Disabled the loopback, and checked and the firewall service was not running.  So changed that and then disabled the firewall.  Before disabling I checked that the rules for file and printer sharing allowed inbound traffic, and boom it started working.

Lesson learned on old 2003 server to never believe that the service is off and allowing all traffic.

Thanks for your time.
 
X-spook (Author) Commented:
My solution is what fixed the problem.