• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

DC not always available to authenticate against.

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 General ] >> ISA 2004 SBS >> DC not always available to authenticate against. Page: [1]
Login
Message << Older Topic   Newer Topic >>
DC not always available to authenticate against. - 6.Jul.2009 2:29:20 PM   
BrandonOz

 

Posts: 25
Joined: 30.Jan.2007
Status: offline
Why is it that domain users can successfully authenticate and connect, but not have access to remote shares on the file server all the time?

If a user puts their laptop in sleep mode, then wakens it to VPN. The user can use the mapped network drives to connect to shares on the SBS and the additional file server. But if they turn off their laptop and start fresh by going through the login process, once they successfully VPN in, they cannot access any shares on the file server.
The user is told that the DC is unavailable for them to authenticate too?

Weird yet is that when I monitor the logs, the only traffic I see that is denied is to a ip of 255.255.255.255.

Could anyone help me?

Thanks!

P.S Could it be a speed issue between client and network?
Post #: 1
RE: DC not always available to authenticate against. - 6.Jul.2009 3:40:57 PM   
Rotorblade

 

Posts: 1348
Joined: 27.Feb.2007
Status: offline
Could be a few reasons. How is DNS/WINN's configured for the VPN client? ISA/SBS DNS configuration? Are the VPN clients split-tunneling?

quote:

 
255.255.255.255.


Broadcast traffic? Do a packet capture and inspect?

RB

_____________________________

David Melvin
Ohio
MCSE: Security 2003, MCSA:Security 2003

(in reply to BrandonOz)
Post #: 2
RE: DC not always available to authenticate against. - 6.Jul.2009 3:47:22 PM   
pwindell

 

Posts: 2244
Joined: 12.Apr.2004
From: Taylorville, IL
Status: offline
You are not giving it the correct DNS and WINS settings when it connects to the VPN.

You are probably not logging in correctly either.  When loggin in at the Ctr-Alt-Del prompt you must enable the checkbox that says log on using dial up connection and choose the correct VPN.


_____________________________

Phillip Windell

(in reply to BrandonOz)
Post #: 3
RE: DC not always available to authenticate against. - 6.Jul.2009 4:16:25 PM   
BrandonOz

 

Posts: 25
Joined: 30.Jan.2007
Status: offline
Wins and DNS are correct. I can use netbios succussfully without any problems.

As for the Login using dial up, i have tried this with success to VPN in. The problems is still the same when it comes to accessing remote shares on the file server.


(in reply to BrandonOz)
Post #: 4
RE: DC not always available to authenticate against. - 6.Jul.2009 5:12:03 PM   
pwindell

 

Posts: 2244
Joined: 12.Apr.2004
From: Taylorville, IL
Status: offline
Then you need to se the log filter to limit the view to the Source Network of "VPN Clients".  Then see what it shows.

_____________________________

Phillip Windell

(in reply to BrandonOz)
Post #: 5

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 General ] >> ISA 2004 SBS >> DC not always available to authenticate against. Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts