Archetypture
IS-IT--Management
Hardware: Watchguard SOHO 6 firewall
Software: Server 2003 (Small Business Server 2003)
So, prior to our upgrading to SBS, we used to be on an XP file/print server, and everyone was on a workgroup. We had VPN capability through our firewall, and everything was running quite smoothly.
Enter SBS 2003. The whole upgrade went rather well, but now we face an issue with particular users trying to use the firewall VPN. These users are the ones who have laptops that double as their workstation while at the office.
Scenario: User undocks laptop and takes it home. Plugs into the intraweb and logs onto the computer using the same Domain User as at the office. Connects to the VPN and attempts to log in using the same user name and password as what logged him onto the computer/domain. XP burps up an error that says the user name is already in use on the domain and can't authenticate. User gets around this by logging on to the VPN as a different in-office user.
So......What to do? I know that we could utilize Server 2003's VPN capability, but it seems complicated to learn, and kind of silly since the firewall VPN is so close to working correctly (also, we like just being able to open an Explorer window to drag/drop files, rather than having a "remote desktop"). We could also set up alternate "remote users" in Server 2003, but we've only got 10 licenses, and are utilizing 9 of them already.
Thanks to anyone who read through this whole post, and more thanks to anyone who can offer a solution.
Software: Server 2003 (Small Business Server 2003)
So, prior to our upgrading to SBS, we used to be on an XP file/print server, and everyone was on a workgroup. We had VPN capability through our firewall, and everything was running quite smoothly.
Enter SBS 2003. The whole upgrade went rather well, but now we face an issue with particular users trying to use the firewall VPN. These users are the ones who have laptops that double as their workstation while at the office.
Scenario: User undocks laptop and takes it home. Plugs into the intraweb and logs onto the computer using the same Domain User as at the office. Connects to the VPN and attempts to log in using the same user name and password as what logged him onto the computer/domain. XP burps up an error that says the user name is already in use on the domain and can't authenticate. User gets around this by logging on to the VPN as a different in-office user.
So......What to do? I know that we could utilize Server 2003's VPN capability, but it seems complicated to learn, and kind of silly since the firewall VPN is so close to working correctly (also, we like just being able to open an Explorer window to drag/drop files, rather than having a "remote desktop"). We could also set up alternate "remote users" in Server 2003, but we've only got 10 licenses, and are utilizing 9 of them already.
Thanks to anyone who read through this whole post, and more thanks to anyone who can offer a solution.