Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Using VPN to access remote resources


  • Please log in to reply

#1
Whitaker

Whitaker

    New Member

  • Member
  • Pip
  • 3 posts
We want to enable remote XP clients to access Windows 2003 server resources. XP clients that are members of the server domain can establish VPN connectivity and gain access to server resources just as they can when in the office in the internal network. However, when XP clients that are not on the domain establish VPN connection, they can connect Outlook to the Exchange server, but they are unable to see, much less use, folders on the server. We have checked Sharing and Security on the folders but don't see the problem.
  • 0

Advertisements


#2
gerryf

gerryf

    Retired Staff

  • Retired Staff
  • 11,365 posts
Since they are not members of the domain, why would they/should they have access to domain resources?

This is by design and is a security issue.

That's the short answer...the long answer is a bit more complicated...each device on the domain has a unique number and that unique number is used to determine whether the machine has access to given resources....if it is not part of the domain, the acl (access control list) will not allow access.
  • 0

#3
Whitaker

Whitaker

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
The answer to your question, GerryF, is that in today's collaborative environment, people may have multiple clients running their own but separate domains. Typically, when someone attempts to access a resource outside their domain, they have to go through an authentication process. But my problem is, we can't even see the resource, and until we can, we can't authenticate.

Thanks for your help.
  • 0

#4
dsenette

dsenette

    Je suis Napoléon!

  • Administrator
  • 26,019 posts
  • MVP
you would need to create a domain user with vpn access and have them log in as that user once they hit the vpn....what vpn client are you using? do you have a radius server? and why are internal computers using a vpn?
  • 0

#5
gerryf

gerryf

    Retired Staff

  • Retired Staff
  • 11,365 posts
I am well aware of that, and realize my answer wasn't really helpful

What you need to do is set up a routing and remote access server, and then grant access to the users that way--through RRAS. This will allow non-domain users to access resources through the RRAS, and you control access through that (grant access to a folder, for example and give access to all users accessing through the RRAS)
  • 0

#6
Whitaker

Whitaker

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
The users have valid accounts on the server--i think the fact that they can access Exchange validates their accounts, i think. likewise, as i wrote, we have given them sharing and security priveleges on the folders we want them to use. We use a 3Com OfficeConnect VPN Firewall.
  • 0

#7
gerryf

gerryf

    Retired Staff

  • Retired Staff
  • 11,365 posts
Exchange validates the user and password for access to it, but not to the domain resources.
  • 0

#8
gerryf

gerryf

    Retired Staff

  • Retired Staff
  • 11,365 posts
http://support.micro...kb;en-us;323415
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP