Domain resources in router to router VPN

[Dave]

I'm setting up a VPN for a client of mine and having a
couple obscure issues and one of them seems to be related
to Windows Server 2003 (SBS). Maybe somoone can point me
to the right resource.

Here is the problem:

I have a VPN (router endpoint to router endpoint)
successfully working between the main office and a remote
site. The user has a laptop (xp pro sp1) that has been
added to the domain and has worked at the office. Now
when the laptop is at the remote site, I can log into the
domain and check email from the exchange server over the
vpn, but I just can't access any file shares on the
server while logged into the domain. When I do this, I
get a login prompt that fails no matter what user I put
in.

Here is the odd thing. If I don't log into the domain
(just logon as a user on the local machine) then I am
able to access file shares. Start Run \\server\share.
When prompted, I put in the exact same user and password
that I had tried before when logged into the domain and
voila.

So something is happening when I log on to the domain
that is prohibiting me to access file shares via the VPN.

The vpn routers are connecting separate subnets and
netbios is supposed to be being passed over the vpn by
the endpoints.

Thanks for any tips,
Dave

Oh, one other issue that may or may not be related is
that the same machine won't browse the internet via http
while connected to the VPN at the remote site. I can
connect to other internet resources (ftp, telnet, etc) as
well as connect to a web server at each subnet of the
VPN, but just no http via the internet. This occurs
when logged into the network on not on this machine, but
it doesn't occur when moved to a different network (not
on the vpn) Also, When I attached my personal laptop to
the network I was able get full internet access and
access to file shares accross the vpn (I wasn't logging
into the domain at the time).

Thanks again for any help!

 

[Bill Grant]

The VPN link just looks after the routing. What is your domain structure?
Is the remote site part of the domain? Is it a different domain? Or is it a
workgroup?

 

[Dave]

The remote site has no domain controller. It is actually
the owner of the company's home. He has a desktop
machine at work, and a laptop which he mainly uses at
home, but also on the road or at the office. Currently,
he is using the same logon (onto the office domain) no
matter where he is with the laptop. This allows him to
use the same profile on the machine (roaming profiles
aren't set up) whereever he is even if the domain
controller isn't available (no network connection).

So the problem occurs when he logs into the office domain
via the VPN connection and only when he is logged into
the domain. If he goes workgroup style and just logs
onto the local machine via the local admin profile, then
he can successfully get into the file shares on the
server (over the vpn).

Thanks for the help!
Dave

 

[Guest]

I should probably also mention that the laptop has the xp
firewall disabled currently and also doesn't have any
other firewall software installed. Also the server is
not currently running ISA.

Thanks again,
Dave

 

[Bill Grant]

If a user logs into a workgroup using a workgroup/username/password
combination which exactly matches a valid domain/username/password on the
domain, the domain will allow access, because the credentials match.

This will not work in reverse. A workgroup machine will not accept the
domain credentials.

 

[Guest]

I agree.

This is a laptop that moves from one subnet of a network
to another subnet of the network. The network is
connected via a VPN. I want the laptop to log into the
network even when connected to the remote subnet. The
laptop appears to log in fine and I can access exchange
server as well as send and receive messages. However I
can't access the file shares on the server when connected
to the remote side. The server in question is a SBS2003
server so everything is self contained. Any tips on
troubleshooting this?

Thanks!
Dave

-----Original Message-----
If a user logs into a workgroup using a workgroup/username/password
combination which exactly matches a valid

domain/username/password on the

 

[Bill Grant]

The only way to make it all work tranparently would be to have all
machines in both sites members of the domain. How is it set up at the
moment? Is the branch office a workgroup?

 

[banguelle]

El martes, 31 de agosto de 2004 10:49:44 UTC-3, Dave escribió:

I'm setting up a VPN for a client of mine and having a
couple obscure issues and one of them seems to be related
to Windows Server 2003 (SBS). Maybe somoone can point me
to the right resource.

Here is the problem:

I have a VPN (router endpoint to router endpoint)
successfully working between the main office and a remote
site. The user has a laptop (xp pro sp1) that has been
added to the domain and has worked at the office. Now
when the laptop is at the remote site, I can log into the
domain and check email from the exchange server over the
vpn, but I just can't access any file shares on the
server while logged into the domain. When I do this, I
get a login prompt that fails no matter what user I put
in.

Here is the odd thing. If I don't log into the domain
(just logon as a user on the local machine) then I am
able to access file shares. Start Run \\server\share.
When prompted, I put in the exact same user and password
that I had tried before when logged into the domain and
voila.

So something is happening when I log on to the domain
that is prohibiting me to access file shares via the VPN.

The vpn routers are connecting separate subnets and
netbios is supposed to be being passed over the vpn by
the endpoints.

Thanks for any tips,
Dave

Oh, one other issue that may or may not be related is
that the same machine won't browse the internet via http
while connected to the VPN at the remote site. I can
connect to other internet resources (ftp, telnet, etc) as
well as connect to a web server at each subnet of the
VPN, but just no http via the internet. This occurs
when logged into the network on not on this machine, but
it doesn't occur when moved to a different network (not
on the vpn) Also, When I attached my personal laptop to
the network I was able get full internet access and
access to file shares accross the vpn (I wasn't logging
into the domain at the time).

Thanks again for any help!

Hello everyone,

I would like to tell you about free web hosting service I use now.
Register here: http://www.000webhost.com/663048.html

They give 1500 MB of disk space and 100 GB data transfer. I am now using them for about 3 months and never seen any downtime of server problems. Thereis no any kind of advertising on my pages too, so I think its worth to signup.