VPN and login

Stephen Hope SHOPE at DATARANGE.CO.UK
Fri May 19 04:38:25 EDT 2000 

One thing we have noticed when logging in is that NT tries to be clever with
caching logins and passwords. NT assumes that a PC with a working network
link will have domain connectivity on boot.

Depending on your setup on boot (before a user has a working link to the BDC
/ PDC), you may get a domain login panel up on the PC.

In some circumstances, you may need to put your password in at that point,
rather than ESC or just hit return - the password gets remembered.

This cured some RAS logins for our internal users - VPN will see the same
issues.

Stephen

Stephen Hope C. Eng, Network Consultant, shope at datarange.co.uk,
Datarange Communications PLC, part of Energis, WWW:
http://www.datarange.co.uk
Carrington Business Park, Carrington, Manchester , UK. M31 4ZU
Tel: +44 (0)161 776 4190 Mob: +44 (0)7767 256 180 Fax: +44 (0)161 776
4189


> -----Original Message-----
> From: Jon Carnes [mailto:jonc at HAHT.COM]
> Sent: Thursday, May 18, 2000 2:59 PM
> To: VPN at SECURITYFOCUS.COM
> Subject: Re: VPN and login
>
>
> If you are connecting two or more sites together then how you
> login really
> depends on the network you are using.
>
> For an NT network you should have a BDC (backup domain
> controller) and a
> WINS server at the remote location.  You can get by without
> them, but timing
> issues on the remote network will frustrate you.
>
> For Novell, you should have a server on site at the remote
> location.  Again
> you can get by without, but timing issues will frustrate your users.
>
> For a Unix environment you should be fine (but it depends on the exact
> functionality you want out of your network).
>
> If you are just attaching individual machines (home users and
> travelers) via
> VPN, then once the vpn connection is made, the remote users
> just carry on as
> though they were on the local network.  For NT machines on an
> MS-NT network,
> you will have to manually add any remote machines to the
> Domain (unless they
> were once on the domain and have already been added).  To add
> a machine to
> the Domain you would go to the PDC (primary domain
> controller) and under
> Administrative Tools / Server Manager, add the remote machine's name.
>
> Your question is a good one, and it is one that Cisco should
> have been able
> to answer.
>
> Best of Luck
>
> Jon Carnes
> MIS - HAHT Software
>
> ----- Original Message -----
> From: "Lauziere, Thomas" <tlauziere at GOULSTONSTORRS.COM>
> To: <VPN at SECURITYFOCUS.COM>
> Sent: Wednesday, May 17, 2000 8:47 AM
> Subject: VPN and login
>
>
> > I've had discussions with Cisco about installing a VPN on our PIX
> firewall,
> > but I think I missed something.
> > We've gone over all the intricacies of establishing a connection,
> > encryption, des, 3des etc., but when I ask them simply,
> once the tunnel is
> > established how do I log in to the network and run apps,
> they balked and
> > said call the application support people. Cisco is only
> responsible for
> > establishing the tunnel. Let me say that our intentions as
> far as the VPN
> is
> > concerned is for remote users only, and I was told they
> could log in and
> it
> > would be the essentially the same as connecting from inside the
> building.(an
> > NT4 Win98 network)
> >
> > I know this is a bit of a rudimentary question for the
> obvious expertise
> > exhibited here, but if someone could help me out it would be greatly
> > appreciated.
> >
> > Thanks
> >
> > Tom Lauziere
> >
> > VPN is sponsored by SecurityFocus.COM
>
> VPN is sponsored by SecurityFocus.COM
>

-----------------------------------------------------------------------------------------------------------

This email is confidential and intended solely for the use of the individual to
whom it is addressed. Any views or opinions presented are solely those of the
author and do not necessarily represent those of Datarange Communications PLC.
If you are not the intended recipient, be advised that you have received this
email in error and that any use, dissemination, forwarding, printing, or copying
of this email is strictly prohibited.

We have an anti-virus system installed on all our PC's and therefore any files
leaving us via e-mail will have been checked for known viruses.
Datarange Communications PLC accepts no responsibility once an e-mail
and any attachments leave us.

If you have received this email in error please notify Datarange Communications
IT department on +44 (0) 1494 476222..
-----------------------------------------------------------------------------------------------------------

VPN is sponsored by SecurityFocus.COM

More information about the VPN mailing list