Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Client Trust Failures

Status
Not open for further replies.
PHay

PHay

IS-IT--Management
Aug 12, 2002
6
AU
Hi all

We are running BorderManger 3.8 SP1 with Client trust to the PCs via a login script. We also use the SurfControl Web Filter and are enforcing BM access rules. However some of the clients are timing out to the BorderManager login page. When I check the stats for Client Trust on the PC in question the failure count climbs - I presume because it cannot connect to the BM server.

There is nothing consistent with the PCs in reagrds to specification. It happens at different times on different PCs of varying spec (brand new PIV 3.0 GHz PCs right down to PIII 800s) and Windows OS (Win NT 4.0, Win2K and XP all with the latest SPs).

The only way I can get this to work is to turn off single sign on and stop enforcing access rules which I do not want to do.

Things I have attempted to fix this

Run client trust from local PC.
Upgrade to the latest NetWare Client (4.9 SP2).
Increased the Single Sign On timeout on the BorderManger to 60 seconds.
Downloaded the latest proxy patches and client trust.

None of these things have worked.

I also have the problem that when these particular users attempt to logon to the BorderManager server that it fails - login attempt failed and returns to the BM login page. Novell's fix is to increase the number of allowed logins on their User account - not a real solve in my book.

Any help would be apreciated

Paul Hay
 
Sort by date Sort by votes
I would also like to find a solution for this. I am experiencing the identical issue!
 
Upvote 0 Downvote
You do need to bump the user login count to at least 3 if you use proxy authentication. This is because their workstation login is already using one login, and you need another for the proxy authentication to not fail.

It is pretty normal to give the user one extra login than what they actually need.


on ClntTrust, I would question your network backbone and the replica health on the BM box.

Also keep in mind, that the Novell client is distributed to work on 99% of the networks in the world, it is up to the admin to configure the client for their needs. If you go through the settings you will find many you just don't need enabled. Like did you know the 4.9 client will ping every server on your network non stop? causes a lot of network traffic, but it CAN be turned off in the client settings.

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
Brent Schmidt Certified nut case [hippy]
Senior Network Engineer
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Russtoleum
  • Locked
  • Question
Windows client can't connect to sonicwall l2tp server
Replies
0
Views
85
Russtoleum
Russtoleum
pbxnkey
  • Locked
  • Question
Cisco ASA VPN using Windows Client-Error 691
Replies
1
Views
105
pbxnkey
pbxnkey
plim81
  • Locked
  • Question
Win 7 - Sonicwall Client - Received invalid ID information notify
Replies
1
Views
134
joepc
joepc
pbxnkey
  • Locked
  • Question
Cisco VPN Client and NetBios
Replies
2
Views
74
pbxnkey
pbxnkey
GoApex
  • Locked
  • Question
Avaya IP Office iPhone SIP Client won't establish talk path (RTP Ports) through ASA
Replies
1
Views
95
nnaarrnn
nnaarrnn

Part and Inventory Search

Sponsor

Back
Top