NTLM authentication fails over LAN-to-LAN VPN connection
We have two site, mainsite and secsite, which are connected through a LAN-to-LAN VPN using 3030 on mainsite and PIX 515 on secsite. Recently, we run into problems accessing some servers in secsite from mainsite. Specifically, when accessing a server on secsite via Start-Run-\\<servername>, we are prompted with an authentication dialog box. Unfortunately, regardless of the domain account we use, access is denied. The mainsite has a PDC and a BDC and the secsite has a BDC as well and both sites are members of the same NT domain.
Re: NTLM authentication fails over LAN-to-LAN VPN connection
Thanks for the response, I'll try that the next time it happens. It still doesn't make sense to me, though. First of all, I can see if I'm trying to use a new account or had just changed the password but neither was the case. Even if the DCs were out of sync, the user database should still have the account info. Second, I thought that if I try to access the remote server, the remote server would use the remote BDC for authentication. It's very strange to me.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...