domain login over vpn connection

Unanswered Question
Sep 15th, 2003
User Badges:


we have a cisco 3000 vpn concentrator. What we want to do is to connect a windows client over VPN to the concentrator and then to log on to our NT4 domain.

I could establish the vpn connection to the concentrator but I did not get a domain login.

From the concentrator I could authenticate user from our domain.

What have I to do to make it possible to log in into a windows domain ?

Thank you for your help


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
travis-dennis_2 Tue, 09/16/2003 - 09:18
User Badges:
  • Gold, 750 points or more

I assume this is the software client? You need enable "Start before logon" on the VPN client. The client gets the tunnel up and then the Windows logon box should appear. What kind of Internet connection are you using? When exactly are you creating the tunnel? After you have logged onto the box with cached credentials?

Bovermann Tue, 09/16/2003 - 22:49
User Badges:

Yes its the software client 4.0 for windows. I enabled start before log on and the connection is established but I can´t login into our domain.

I did it like RAS conncetion but it does not work.

I´m using ISDN 64KBit for internet connection but our users who will connect to our domain via vpn will use DSL.

I also tried it without cisco client but the result remain the same.

I did not get a login e.g the script for the shares did not run.

Thanks for your reply


travis-dennis_2 Thu, 09/18/2003 - 16:40
User Badges:
  • Gold, 750 points or more

Are u selecting the check box for "log in using dial up connection"? Sounds like you are. That box should not be checked

Bovermann Thu, 09/18/2003 - 22:49
User Badges:

Yes I do. I will try it without this check box

Bovermann Mon, 09/22/2003 - 03:28
User Badges:


I checked my entries at the vpn client and they seemed OK. I can establish a conncetion to the vpn concentrator but I cant ping anything inside the domain network. If I conncet me the W2K integrated "VPN Client" I got also a connect and I can ping everything in the domain network.

The differences between this two ways are that Microsoft uses L2T or PPP and cisco client uses IPSEC or IPSEC over UDP and you must define a group and then the user for this group.

I created a group and a user and asigned this user to this group but after this I can´t ping any PC or server.

I do not know what I should do to reach this PC / Servers

Thanks a lot



This Discussion