Credentials and net use problem after IPSec VPN is build

Discussion in 'Windows Networking' started by Juha, Oct 30, 2008.

  1. Juha

    Juha Guest

    Hi

    I have this problem in two separate systems.

    -2003 R2 server domain
    -VPN FireWall where IPSec VPN is terminated
    -Third Party IPSec VPN Client SW where usernames and pws are same as in the
    server
    -Net use /persistent:no

    After the VPN tunnel is build I try to run "VPNLoginScript.bat" which maps
    the drives to shares. For some reason I get this output very often:

    net use y: /d
    y: was deleted successfully.

    net use y: \\192.168.1.10\Share
    The password is invalid for \\192.168.1.10\Share.

    Enter the user name for '192.168.1.10': MyLoginName@DomainName
    Enter the password for 192.168.1.10:
    The command completed successfully. <--- I can now open the share but why it
    asks credentials?

    ********************************
    If I place user name in the shorter way, I get this:

    net use y: \\192.168.1.10\Share
    The password is invalid for \\192.168.1.10\Share.

    Enter the user name for '192.168.1.10': MyLoginName

    To connect DomainName\MyLoginName to 192.168.1.10, press ENTER, or type a
    new user name <--- This appears until i give the user name in syntax
    MyLoginName@DomainName
    **************************

    This might be DNS problem but I wonder if there is a way to get rid of these
    credentials questions. After all, when I login to a "VPNLaptop" I do give
    domain credentials. Why they are asked again?

    At least, is there a way to get a graphical Window asking for credentials?

    Thanks,

    Juha

    P.S. The second place where I have this problem has a Radius Win Server and
    the FW is a Radius Client for that. The behavoiur is same.

    I have tested scripts having some ping, static DNS server settings and
    flushdns/registerdns commands but not really happy with them.
     
    Juha, Oct 30, 2008
    #1
    1. Advertisements

  2. Are they logon domain (even they don't connect to domain the domain
    physically) using domain credentials? If you logon local computer using
    their local username. They may have this issue. Or this post may have more
    details.

    Can't map network drives over VPN
    http://www.chicagotech.net/netforums/viewtopic.php?p=8355#8355

    --
    Bob Lin, MS-MVP, MCSE & CNE
    Networking, Internet, Routing, VPN Troubleshooting on
    http://www.ChicagoTech.net
    How to Setup Windows, Network, VPN & Remote Access on
    http://www.HowToNetworking.com
     
    Robert L. \(MS-MVP\), Oct 30, 2008
    #2
    1. Advertisements

  3. Juha

    Bill Grant Guest

    That is pretty much what I would expect. A VPN connection just gives you
    connectivity. It does not log you in to the domain, The username and
    password you use when you connect is only to authenticate the connection.

    When you try to map a share, the credentials used will be from the
    original logon to the client machine, not from the VPN connection. You need
    to specify your domain credentials on the net use command.
     
    Bill Grant, Oct 30, 2008
    #3
  4. Juha

    Juha Guest

    Thanks

    Yes they do logon to domain allways. It is funny that the other domain
    having this issue has also a win-radius server. When giving credentials to
    VPN FW they give domain credentials to FW. In the FW there aren't any user
    names or passwords it checks them from win-Radius server. But still they need
    to give them again when trying to open a share.

    In radius scenario the RRAS is not enabled.

    Rgs,

    Juha
     
    Juha, Oct 31, 2008
    #4
  5. Juha

    Juha Guest

    Thanks Bill

    How can I specify domain credentials in the script? Surely, I can't code
    usernames and passwords in shuch a script. Also, what happends when it is
    time to change the win-password.

    I wonder if I can start win-pptp-vpn from script before mapping the shares
    (in my system the IPSec VPN tunnel is allready open at this point)? If I then
    enable RRAS on the server the credentials exchange might be smarter. In such
    scenario I run win-pptp-vpn inside the IPSec VPN tunnel.

    RGS,

    Juha
     
    Juha, Oct 31, 2008
    #5
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.