I have a WinXP Prof client trying to authenticate to Exchange through a
Cisco VPN 3.0
I can connect and authenticate to all network resources with the exception
of Exchange...it doesn't utilize the integrated single-sign-on that it
normally used to. What I notice in my services applet is that IPSec service
stops upon authentication of the VPN...could that have something to do with
it?
connect to the network via vpn and then do the following.
nbtstat -a <exchange server name>
nbtstat -A <ip address of exchange server>
nslookup -q=A <exchange server name>
nslookup -q=A <fqdn.exchange.server.name>
basically what we are looking for is to see if anything comes back on a
secondary interface that says not found or slow name resolution. By the
way, you didn't mention what version of Exchange is in use, so if it is
Exchange 200x, then do the same tests above with the name of the global
catalog server(s).
Computer Name: CIL-132
DNS Host Name: CIL-132.company.net
System info : Windows 2000 Professional (Build 2600)
Processor : x86 Family 6 Model 9 Stepping 5, GenuineIntel
List of installed hotfixes :
KB823559
KB828741
KB833407
KB833987
KB835732
KB841533
KB873376
KB887822
Q147222
Q323255
Q329115
Netcard queries test . . . . . . . : Passed
[WARNING] The net card 'RAS Async Adapter' may not be working because it
has
not received any packets.
GetStats failed for 'Infrared Port'. [ERROR_NOT_SUPPORTED]
[WARNING] The net card 'SMC IrCC - Fast Infrared Port' may not be
working be
cause it has not received any packets.
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{835C0C29-41D5-4784-80B8-FC860CFF960C}
1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Passed
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Passed
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{835C0C29-41D5-4784-80B8-FC860CFF960C}
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{835C0C29-41D5-4784-80B8-FC860CFF960C}
The browser is bound to 1 NetBt transport.
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Passed
Trust relationship test. . . . . . : Passed
Secure channel for domain 'company_HQ' is to '\\hq-ADMIN.company.net'.
Kerberos test. . . . . . . . . . . : Failed
[FATAL] Kerberos does not have a ticket for
host/CIL-132.company.net.
LDAP test. . . . . . . . . . . . . : Passed
[WARNING] Failed to query SPN registration on DC
'hq-share1129a.company.n
et'.
[WARNING] Failed to query SPN registration on DC
'hq-share2.company.net'.
[WARNING] Failed to query SPN registration on DC
'hq-share1.company.net'.
[WARNING] Failed to query SPN registration on DC 'hq-avsms.company.net'.
[WARNING] Failed to query SPN registration on DC
'hq-share1129b.company.n
et'.
[WARNING] Failed to query SPN registration on DC 'hq-ADMIN.company.net'.
[WARNING] Failed to query SPN registration on DC 'hq-dc1.company.net'.
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Passed
Service status is: Started
Service startup is: Automatic
IPSec service is available, but no policy is assigned or active
Note: run "ipseccmd /?" for more detailed information
