I can set up a VPN from Cisco VPNClient3.0 to PIX506 v6.0(1) and then telnet to a UNIX host on 18.104.22.168, but I cannot get a logon dialog to the WindowsNT Server on 22.214.171.124. The UNIX, NT Server, and PIX inside interface are all on the same LAN 192.0.0.0.
I can ping the NT Server on 126.96.36.199 but how do I get a logon prompt to enter the domain?
The client runs Windows 2000 Professional. But - when it all works - there will be other clients running other OS like W98, NT4, 2000, XP Pro.
If your client is an NT server, you would not get a login prompt as NT/W2K uses the cached credentials to logon you on to the domain. See MS website for explanation of cached credentials. You see only the
domain login, on 95/98 machines. If you want to access resources on the domain, you could manually map to it using names (if Wins is working properly) or its ip address and if your credentials are not right, ie local credentials is diff than domain credentials, a login prompt would appear. The client comes with start before login feature, which basically runs the client as a service and logs you onto the VPN, and then to the domain.
Is the client PC already part of the domain? If so is it set up to prompt for a username/password and Domain? This is more a PC side function that VPN.
The client is Win2000Pro. It does have network access to the NT Server, and will give me the logon prompt with \\
I have tried Start before logon, and most things I can think of. There is a route in the server to the PIX for the IP of the client (allocated from the IP Pool).
Although there is a Dial-up connection for the connection to the ISP, there is none for the connection inside the VPN tunnel. Does this have to be created before it will work? If so, how do I create a connectoid when it only exists when VPN is active? And anyway, the Telnet to the UNIX host on the LAN works even though there is no connectoid.
Do you have the same problems when this PC is directly connected to the LAN? Try to ping by server name instead of ping "ipaddress" type ping and the name of the server you are trying to reach. Like if the server name was Marvin, from a command prompt type "ping marvin". Does this work? If not you have a name resolution issues and we can address that. If you can't do that let me know and as a head start find out how you are doing name resolution. WINS maybe?
When connected on the LAN it all works well. I can connect by name or IPaddress and get a logon dialog, and ping works with either. When connected through VPN I cannot connect with either ip or name ("The network path was not found"), but ping by IPaddress works. Ping by name does not ("Unknown host
Surely if the problem was name resolution it would still work with IPAddress?
Ah-ha! I've just partially fixed it. The connectoid to the ISP did not have the Client for Microsoft Networking enabled (well you wouldn't normally want this to get to the Internet, so it is not enabled by default). Anyway, once enabled I get a logon dialog and can logon to the server.
There is still the issue of having to use the server ipaddress as the name is not being resolved. But I have put the server IP address as the WINS server, and it seem to work.
The next step is how to package all this up so I can send out one CD so remote client can install it all!
Still, so far so good. Thanks for your help.
Well I just wrote up a whole thing and you seem to be having the same problem as I am. I tried to do the same things (enable File Sharing) but it still doesn't seem to work. I don't use Wins on this LAN configuration that I have.
Do you have any other suggestions (look at my problem entitled XP VPN Client - Connected but Nothing else)