vanroybel
asked on
Problem accessing SQL server over a VPN
Hello,
We got a company to come and install a physical VPN at work. We did that so that we could access sage over the VPN from the distant site of our company. Now they have installed the VPN, they say everything is correct, and we cannot access our application. When we launch it, we get the following message : "Cannot generate SSPi context". We have a draytek vigor 2925.
The tech said it was something to do with SQL server. We have SQL server 2008R2.
If anyone got any idea, it would be welcome.
thanks.
We got a company to come and install a physical VPN at work. We did that so that we could access sage over the VPN from the distant site of our company. Now they have installed the VPN, they say everything is correct, and we cannot access our application. When we launch it, we get the following message : "Cannot generate SSPi context". We have a draytek vigor 2925.
The tech said it was something to do with SQL server. We have SQL server 2008R2.
If anyone got any idea, it would be welcome.
thanks.
ASKER
Where did you get this information? We have a sage vendor who comes to our company often, to resolve sage problems, and he doesn't seem to be aware of this. Also, when asking sage itself, we didn't get this information.
Here in the UK Sage can consistently stated that they do not recommend VPN
If data corruption does occur they do not support it ?
May be different where you are ?
If data corruption does occur they do not support it ?
May be different where you are ?
ASKER
I don't know and I'm not very happy with this, we've been trying to set up a vpn for a long time and we've never had any info from sage about this. I will contact our sage vendor and ask about this.
Thanks anyway for the info, and I hope someone else will have something else to say.
We were able a few month ago to make sage work over a VPN, but the performance were not good enough. It was with a openvpn configuration, so now we are trying to do it over a physical VPN so the performance will be better.
Thanks anyway for the info, and I hope someone else will have something else to say.
We were able a few month ago to make sage work over a VPN, but the performance were not good enough. It was with a openvpn configuration, so now we are trying to do it over a physical VPN so the performance will be better.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hello all,
First, cpmcomputers, my sage revendor told me that the applications are different from country to country. So it is possible that your sage in England is very different from my sage in Belgium.
My revendor has asked a specialist from sage for information about this. We still didn't receive any info from them.
Then Vitor, I read your solution, but the problem is not on the server side. We have no problem to access the server from inside the local network. If the problem was on the server side, we shouldn't be able to access the server at all if I understand the problem right. I mean if the server cannot generate a SPN and we are using active directory authentification.
I think it is a DNS problem, the guys installing the VPN couldn't make our DNS work.
I'm gonna try to test this with manual DNS and see if it works.
Thanks for your help.
First, cpmcomputers, my sage revendor told me that the applications are different from country to country. So it is possible that your sage in England is very different from my sage in Belgium.
My revendor has asked a specialist from sage for information about this. We still didn't receive any info from them.
Then Vitor, I read your solution, but the problem is not on the server side. We have no problem to access the server from inside the local network. If the problem was on the server side, we shouldn't be able to access the server at all if I understand the problem right. I mean if the server cannot generate a SPN and we are using active directory authentification.
I think it is a DNS problem, the guys installing the VPN couldn't make our DNS work.
I'm gonna try to test this with manual DNS and see if it works.
Thanks for your help.
ASKER
So I tested the VPN again today. I can ping the name of my SQL server, so the DNS is ok. I have problems going into some computers on the network and I can't browse the content of certain computers. For example I can type the name of the computer and the name of a share in windows explorer and it will load it (not for all of them) but I cannot browse the computer and see all the shares.
Also, I must input the login and password each time I connect to a computer/share in the network.
I cannot input the domain when I connect to the VPN or it gives an error and cannot connect. I must leave domain to blank for it to work.
Is there a problem in the config of the VPN? is there a problem with the authentification?
I still cannot get into sage and get the same error each time (cannot generate SSPI context).
Also, I must input the login and password each time I connect to a computer/share in the network.
I cannot input the domain when I connect to the VPN or it gives an error and cannot connect. I must leave domain to blank for it to work.
Is there a problem in the config of the VPN? is there a problem with the authentification?
I still cannot get into sage and get the same error each time (cannot generate SSPI context).
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Might be best to post this latest development as a new question
you will probably get a faster answer
pleased you are getting there
Still not happy with sage over Vpn though ( I would push for a definitive answer?)
you will probably get a faster answer
pleased you are getting there
Still not happy with sage over Vpn though ( I would push for a definitive answer?)
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Kinda got the solutions wrong here, I needed to tag my own posts too, especially the last one and third before last one.
Pleased you got this resolved = all that matters
( Maybe I should move to Belgium :-) )
( Maybe I should move to Belgium :-) )
ASKER
Yep it would be perfect thanks
ASKER
Ok now it is correctly tagged.
Thanks for your help Vitor.
Thanks for your help Vitor.
It will work after a fashion
But if you start posting transactions and have a connectivity issue you will almost certainly end up with corrupted databases
You would be better to consider terminal services (now Remote Desktop services )