problem with vpn and domain

[crashuk]

ok ive set up my server 2000 now the strange thing is i cant seem to log on to the domain, but if i untick "include windows logon domain" on the host side( virtual private connection, properties, select the options tag and untick include windows logon domain) i can log on to the server and map drives.

BUT if i tick "include windows logon domain" then click ok then click vitual private connection enter the password, username and domain it says: your credentials have failed remote network authentication. Enter a user name and password with access to the remote network domain.
but the user name and password is in the ad. can any1 help with this problem?

 

[tonymce]

what client OS are you using?
are you trying to log onto the domain or long onto the vpn??
is the daomin for FQDN eg . my.mycompany.com
also try domainname\username in the username box

 

[crashuk]

ok iam using vpn to connect to the server i can connect to the server if i dont use the domain name, if i just enter the password and user name, if i enter the user name , password and enter the domain it gives me the error i said above. iam using server 2000 and windows 2000

 

[PeterHurst]

To use Domain Authentication the server must be correctly on the domain - you must also have the security set to Windows authentication (unless you set an AD controller as an MS RADIUS server too)

The Client should be registered on the XP firewall.. seems odd - the ports you mentioned aren't connected with PPTP anyway. GRE and port 1723 need to pass to the server but you must have that to have any clients working. I don't think ports is the issue anyway or you woldn't authenticate at all.

Make sure the VPN server can log on to the domain and then try.

I can only say we have XPSP2 working fine...

 

[crashuk]

ok how do i make sure the VPN server can log on to the domain. what are the steps plz thx

 

[crashuk]

C:\>nslookup richardc <--- name of server
Server: richardc.richard.com
Address: 192.168.1.2

*** richardc.richard.com can't find richardc: Non-existent domain

C:\>nslookup richard.com
Server: richardc.richard.com
Address: 192.168.1.2

Name: richard.com
Addresses: 192.168.1.19, 192.168.1.2



PPP adapter Virtual Private Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.16
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.1.2
192.168.1.2
Primary WINS Server . . . . . . . : 192.168.1.2



just dont understand why i cant seem to log onto the domain via vpn, i connected from outside my lan from a friends pc, i can do nslookup from a wan connection.
can any1 help me plz

 

[crashuk]

ok worked it out tonight;
what i did was
tick "include windows logon domain" then click ok then click vitual private connection enter the password, username and domain with out the .com
then i added the pc to the domain via my computer properties, network identification, rename or join click properties entered the admin user name and password. the pc changed from work group to domain.

 

[crashuk]

now to reformat my server and start again do the whole process again then format it and do it again but this time use l2tp. but the above was wired it didnt work when i did it before hummmm.

 

[crashuk]

plus is there any way to stop some1 adding the pc too the domain over vnp? cuz thats what i did