Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Westi on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

AD Domain VPN Access

Status
Not open for further replies.
readyyy

readyyy

Technical User
Jan 24, 2005
29
CH
Hello

Our company network is behind a VPN Network device.

The users connect to the network via the Device VPN client, this works without problems. However, if they want to access files on a Windows File server, they are asked via an authentication Window to provide the credentials.

However, i need the users to be authenticated to our Windows Domain during the VPN login process.

How can i do that?
 
Sort by date Sort by votes
Look into using RADIUS authentication for your VPN solution. This will require you install IAS on a server. But that's trivial.

Pat Richard, MCSE MCSA:Messaging CNA
Microsoft Exchange MVP
 
Upvote 0 Downvote
Thanks for your answer.

Does Microsoft IAS works together with a Hardware Firewall (in my case, Juniper Netscreen 25)

OR

does IAS works only together with Routing and Remote Access RRAS?

Maybe it would be better to implement an RRAS + IAS solution, i don't know
 
Upvote 0 Downvote
I agree with 58sniper, and can maybe ask a few additional questions:

1. Are the remote client computers domain members?
- if so, they should be able to access the files on the file server regardless of the VPN connection type
- if not, is it possible to join them to the domain?

2. Do the client computers need to run the domain login script (they'll need to be domain members)?
- if so, you might even consider using Microsoft's VPN service Routing and Remote Access for the few clients that may need this - or use RADIUS as mentioned above. Note: there's a trick to this. When your users log into their PC, they should press CONTROL-ALT-DELETE and then check the box for "Log on using dial up connection". They'll be prompted for which VPN connection to use. Since it MUST use their current username and password, you should use Radius/IAS as noted above, or take the easy way out and use Microsoft's RRAS. For additional info on logging into the network remotely - and how to force users to do it - see this MS KB article:
- if not, any VPN connectivity method should work fine, you can even put a shortcut to the login script on the All Users' desktop, in case the user likes to have mapped drive letters.
 
Upvote 0 Downvote
readyy said:
Does Microsoft IAS works together with a Hardware Firewall (in my case, Juniper Netscreen 25)
Click to expand...
It will work with those third party solutions that support it. I know that some of the Pix firewalls support it.

readyy said:
does IAS works only together with Routing and Remote Access RRAS?
Click to expand...
No

Pat Richard, MCSE MCSA:Messaging CNA
Microsoft Exchange MVP
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

rzammit82
  • Locked
  • Question
Windows Server 2016 - DNS/AD problem
Replies
1
Views
676
suncit
suncit
goombawaho
  • Locked
  • Question
Domain join from wifi connected laptop
Replies
4
Views
783
goombawaho
goombawaho
MattM1975
  • Locked
  • Question
Domain Admin Logon 1
Replies
2
Views
227
ADB100
ADB100
DrB0b
  • Locked
  • Question
Hybrid on prem AD with Azure AD
Replies
2
Views
288
DrB0b
DrB0b
tscstl
  • Locked
  • Question
access to local folder
Replies
1
Views
257
hairlessupportmonkey
hairlessupportmonkey

Part and Inventory Search

Sponsor

Back
Top