When Connected to VPN (L2TP) Automatic Login to Intanet Zone does not work...

[Scott Townsend]

We are connecting to a Cisco PIX with the built-in Vista L2TP Protocol.
The Connection works fine and allows access to the Intranet.

When we Connect to the Intranet Website it prompts for a Username and
Password, The Default username that is supplied is the username that is used
to Connect to the VPN.

Is there a way to it to use the Logged on to the machine user vs. the Logged
on to the VPN User?

Thanks,
Scott<-

 

[Miles Li [MSFT]]

Hello,

Thank you for posting here.

According to your description, I understand that:

You want to know how to use the logged user account instead of the VPN user
account when accessing remote resources through VPN.

If I have misunderstood the problem, please don't hesitate to let me know.

Suggestions:
==========================
BY default credential is cached in the Credential Manager once you input
the password/name and connect the VPN. A credential represents information
used to access resources on behalf of a user. In this issue that you want
to use the logged user account instead of the VPN user account, you may
change the User Authentication mode on the clients to make it automatically
logon with current user account. To do that:

1. Open the Internet Explorer--->Tools--->Internet Option--->Security tab.
2. Click Local Intranet--->custom level--->User Authentication--->Logon.
3. Select the option "automatically logon with current user name and
password" and click OK.
4. Then check how it works.

Hope it helps. If you have any questions or concerns, please do not
hesitate to let me know.







Best regards,
Miles Li

Microsoft Online Partner Support
Microsoft Global Technical Support Center

Get Secure! - www.microsoft.com/security
=====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

 

[Scott Townsend]

Thank you for your reply.

Unfortunately that's what we have setup on our machines. Though it is not
using the Machine Logon Credentials, its Trying to use the VPN Login
credentials.

When we go to the page, It always prompts us for a username and password and
the username that is in the Username field is the one that was used for the
VPN login,

Thanks,
Scott<-

 

[Miles Li [MSFT]]

Hello,

Thanks for the update.

To work around this problem, you may try to use the Connection Manager
Administration Kit (CMAK) wizard to create a custom Connection Manager
profile for your Dial-Up Networking connection to the VPN server. You may
add the DontUseRasCredentials key to specify whether to cache credentials
in Stored User Names and Passwords for use when accessing resources after
logging onto the network. To achieve your goal, you should specify the
connection not to use the RAS credentials while accessing the remote
resources.

Set the DontUseRasCredentials key to 1

The DontUseRasCredentials key specifies whether to cache credentials in
Stored User Names and Passwords for use when accessing resources after
logging onto the network. When you set this key to a value of 1, user
credentials are not cached.

For more information about the Windows Server 2003 Connection Manager
Administration Kit, visit the following Microsoft Web site:

Networking keys
http://technet.microsoft.com/en-us/library/cc758268.aspx

Hope it helps. If you have any questions or concerns, please do not
hesitate to let me know.


Best regards,
Miles Li

Microsoft Online Partner Support
Microsoft Global Technical Support Center

Get Secure! - www.microsoft.com/security
=====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

 

[Scott Townsend]

So how do I go about installing the CMAK on a Vista 64 bit machine?
Is there a way to modify the Existing Connection file (rasphone.pbk)

Thanks,

 

[Miles Li [MSFT]]

Hello,

Thanks for the update.

For a existing connection file, you may try to modify the UseRasCredentials
value to 0 in the pbk file to check how it works.

For detailed information, you may refer to:

822707 Access Denied" error message when you try to
access remote resources
http://support.microsoft.com/default.aspx?scid=kb;EN-US;822707

Hope it helps. If you have any questions or concerns, please do not
hesitate to let me know.




Best regards,
Miles Li

Microsoft Online Partner Support
Microsoft Global Technical Support Center

Get Secure! - www.microsoft.com/security
=====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.