PIX/Microsoft VPN Newbie Question --

Status
Not open for further replies.

WANguy2k

MIS
Feb 25, 2002
US
I have a PIX 515E firewall. I set up PPTP VPN, and am able to connect to the network from home. If I do an IPCONFIG, I get the proper IP address DNS entry on my VPN connection. (This was obtained from the PIX.) I can ping addresses on the internal network.

I set up a 2003 server with Routing and Remote Access inside, but I seem to be missing a piece: when I open the VPN connection I'm not prompted to log on to the domain. Also, I can't browse the network or ping by name.

Should I be assigning IP addresses using the PIX, or is there a way to allow my internal DHCP server to assign the client IP settings? Also, how do you make the client log on to the domain once the VPN connection is established?

I'm reading the MS documentation on Routing and Remote Access, but I'm a little pressed for time.

Thanks in advance.
 
Are you trying to get the server to use your XP workstation to access the other network?
Are you trying to get a second tunnel, from the server to the other network, up and running?
What kind of Router/Firewall do you have at home?

I assume your W2K server is at home, true?
 
I want to set up a remote access server to allow home users VPN access to our Windows 2003 network. The remote access server is inside the company network, the PIX 515E firewall is on the company network connected to the internet.

I was trying to connect using my home PC with a PPTP VPN connection.
 
Then the VPN tunnel ends at the PIX, not the server. You need to configure authentication on the PIX to log on to the network when connected. This means a RADIUS or TACACS server. Do you have those?
 
No, I set up local authorization on the PIX. So, when the user starts the VPN connection they get prompted for the user ID on the PIX. After being authenticated, they're on the network. I thought at that point I needed the MS Routing and Remote Access server to get them access to the servers in the domain. Now that I read the documentation I'm not sure I need the MS server at all. (Looks like its purpose is to do NAT and VPN, which is already done on the PIX.) The question remains: once I'm tunnelled in, how do I get the PC to log on to the domain?
 
Did you say the Cisco PIX 515E? If so, you can use the Cisco VPN client and its "Start Before Logon" feature, which gives an option to log on to the domain.
 
The option offered by revururaj is, I think, your best solution. This will force the logon to the network if the user needs it, and they can just cancel the client login window if they don't.
 
Oh, and BTW, no, you don't need a RRAS if your VPN is Cisco. The Cisco device will do what is necessary for access rights.
 