I can't browse or access file shares. If i type a unc with an ip, i get "the network location could not be reached". Its my understanding that when you use an ip in a UNC, you are using NTLM and NOT kerberos.
When i run ethereal while trying the unc with ip combo, it looks as if the client is trying to connect on port 80 to the ip?!! i thought it would be 445. However, term services in app mode works fine over the vpn and i'm logging into the domain via the vpn client and the RRAS server. i can ping DC's by name and ip. all dns and wins settings are correct. this is very very strange... i wish i could figure this out. its gonna drive me to distraction. thanks Alex Fontana wrote: > While vpn'd in can you browse/access file shares? I remember having a > similar issue and the fix being the following: > http://support.microsoft.com/default.aspx?scid=kb;en-us;244474 > > -Alex > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom > Sent: Thursday, May 26, 2005 1:24 PM > To: [email protected] > Subject: RE: [ActiveDir] Joining workstation to domain over vpn(again) > > I have no idea but I doubt it because it does an ldap search on my > dc's looking for its name and comes up null. > > I'm not sure what to look for, i've never run a sniffer while joining > a domain. > I guess i'd expect some kerberos and smb... > but i don't see that. just the ldap search(ethereal calls it "cldap") > and dns queries. > even if it were blocked, i should see an attempt on the client side to > connect on these ports but i don't. > and as i said, no firewall of any kind and all other clients at that > location can join via vpn with no issues. > thanks > > > [EMAIL PROTECTED] wrote: >> Does the LDAP ping imply that the client can't access port 389? >> >>> m:dsm:cci:mvp >> >> -----Original Message----- >> From: [EMAIL PROTECTED] >> [mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom >> Sent: Thursday, May 26, 2005 3:47 PM >> To: [email protected] >> Subject: RE: [ActiveDir] Joining workstation to domain over >> vpn(again) >> >> No. >> There are about 5 other win xp clients in that office that have been >> able to join the domain via VPN. >> >> This is the only one with an issue and its not running any fw >> software. >> >> Some of the other's are running xp sp2 with the firewall on and they >> have no issues. >> >> thanks >> >> Medeiros, Jose wrote: >>> Hi Tom, >>> >>> Do you have Zone Alarm or some other type of Software Based >>> Firewall installed? >>> >>> Jose >>> >>> -----Original Message----- >>> From: [EMAIL PROTECTED] >>> [mailto:[EMAIL PROTECTED] Behalf Of Kern, Tom >>> Sent: Thursday, May 26, 2005 12:03 PM >>> To: ActiveDir (E-mail) >>> Subject: [ActiveDir] Joining workstation to domain over vpn(again) >>> >>> >>> I'm still having problems joining a winxp sp1 MS PPTP vpn client to >>> my domain. The client is connecting to a windows 2000 sp4 RRAS >>> server via pptp. When i try to join the domain, I get the prompt to >>> enter creditianls and then, "network name could not be found" error. >>> I have all correct dns/wins settings. I made an #PRE and #DOM entry >>> in lmhosts pointing to the PDCE. >>> >>> When i run ethereal, i see the client querying and getting the srv >>> records from my dns for all dc's in the domain and doing an ldap >>> search on a number of dc's sucessfully. >>> >>> Then the last thing i get is a failed ldap ping(port unreachable). >>> >>> I'm not sure if that's the issue. >>> >>> I'm not doing NAT or Port address transaltion for the RRAS server. >>> It has a public ip. The only PAT/NAT is on the client side but I >>> don't think that is really an issue as I can vpn and auth to AD >>> thru the RRAS server and term service in app mode to other servers. >>> I just can't join the domain. >>> >>> Any help would be great. >>> thanks >>> List info : http://www.activedir.org/List.aspx >>> List FAQ : http://www.activedir.org/ListFAQ.aspx >>> List archive: >>> http://www.mail-archive.com/activedir%40mail.activedir.org/ >>> >>> List info : http://www.activedir.org/List.aspx >>> List FAQ : http://www.activedir.org/ListFAQ.aspx >>> List archive: >>> http://www.mail-archive.com/activedir%40mail.activedir.org/ >> >> List info : http://www.activedir.org/List.aspx >> List FAQ : http://www.activedir.org/ListFAQ.aspx >> List archive: >> http://www.mail-archive.com/activedir%40mail.activedir.org/ >> List info : http://www.activedir.org/List.aspx >> List FAQ : http://www.activedir.org/ListFAQ.aspx >> List archive: >> http://www.mail-archive.com/activedir%40mail.activedir.org/ > > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ List info > : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
