RAS site to site vpn User Authentication

  • Thread starter Thread starter StinkyDuck
  • Start date Start date
S

StinkyDuck

We are trying to setup a RAS site to site VPN connection. Both sites
have domains. We were able to successfully setup a site to site VPN but
have some questions concerning user credentials.

If a user at site A attempts to connect to a server/computer/network
share on site B, how do the credentials work? Are the credentials
passed through the VPN connection? When trying to connect to a
server/computer/network share will it use the credentials of the Demand
Dial user?

We would like user from both domains to be able to access
server/computer/network shares on either domains. Do we need to perform
a trust between the domains first?

Any help would be greatly appreciated.

-StinkyDuck
 
If you have a lot users need to access each other, it is better to create trust. If only a few users, you may just create the same username and password on the remote server.

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
We are trying to setup a RAS site to site VPN connection. Both sites
have domains. We were able to successfully setup a site to site VPN but
have some questions concerning user credentials.

If a user at site A attempts to connect to a server/computer/network
share on site B, how do the credentials work? Are the credentials
passed through the VPN connection? When trying to connect to a
server/computer/network share will it use the credentials of the Demand
Dial user?

We would like user from both domains to be able to access
server/computer/network shares on either domains. Do we need to perform
a trust between the domains first?

Any help would be greatly appreciated.

-StinkyDuck
 
StinkyDuck said:
We are trying to setup a RAS site to site VPN connection. Both sites
have domains. We were able to successfully setup a site to site VPN
but have some questions concerning user credentials.

If a user at site A attempts to connect to a server/computer/network
share on site B, how do the credentials work? Are the credentials
passed through the VPN connection? When trying to connect to a
server/computer/network share will it use the credentials of the
Demand Dial user?

We would like user from both domains to be able to access
server/computer/network shares on either domains. Do we need to
perform a trust between the domains first?

Any help would be greatly appreciated.

-StinkyDuck
Click to expand...
When I try to establish the VPN connection, I'm getting the following error:

An error occurred during connection of the interface.
No more connections can be made to this remote computer at this time
because there are already as many connections as the computer can accept.

I'm not sure what to look for at this point.

-StinkyDuck
 
StinkyDuck said:
When I try to establish the VPN connection, I'm getting the following
error:

An error occurred during connection of the interface.
No more connections can be made to this remote computer at this time
because there are already as many connections as the computer can accept.

I'm not sure what to look for at this point.

-StinkyDuck
Click to expand...

It's possible that the error id directly related to the VPN, or that you
simply don't have enough server CALs for additional connections. Maybe
you can answer these questions to help with the diagnosis:

1) What type of site-to-site VPN? (You said RAS, but specifically PPTP?,
L2TP?, etc.).

2) Remote server licensed in "per server" or "per device/user" mode?

3) How many licenses?

4) How many connections?

....kurt
 
Kurt said:
It's possible that the error id directly related to the VPN, or that
you simply don't have enough server CALs for additional connections.
Maybe you can answer these questions to help with the diagnosis:

1) What type of site-to-site VPN? (You said RAS, but specifically
PPTP?, L2TP?, etc.).

2) Remote server licensed in "per server" or "per device/user" mode?

3) How many licenses?

4) How many connections?

...kurt
Click to expand...
I have setup PPTP.

The licensing is per device. We are running Win2003 Small Business
Server. When checking the licenses it says the following:
Installed Licenses: 45
Maximum Usage: 34

I'm just trying to connect the DOD connection and the connection error
comes up.

-StinkyDuck
 
StinkyDuck said:
We are trying to setup a RAS site to site VPN connection. Both sites
have domains. We were able to successfully setup a site to site VPN
but have some questions concerning user credentials.

If a user at site A attempts to connect to a server/computer/network
share on site B, how do the credentials work? Are the credentials
passed through the VPN connection? When trying to connect to a
server/computer/network share will it use the credentials of the
Demand Dial user?

We would like user from both domains to be able to access
server/computer/network shares on either domains. Do we need to
perform a trust between the domains first?

Any help would be greatly appreciated.

-StinkyDuck
Click to expand...
Here is an article i found browing Google Groups. Doesn't make much
sense though. Can anyone shed some light?

http://groups.google.com/group/micr...=event+id+20097&rnum=1&hl=en#d029c090fa1f00d5

-StinkyDuck
 
Licenses have an affect on your connections but ALSO WAN Miniports do too.

In your RAS look at the item titled "Ports". It will be on the left under the RAS Server you selected.

"Right Mouse click" on Ports and select "Properties".

You will probably see two items:

WAN Miniport (PPTP)
WAN Miniport (L2TP)

On the FAR RIGHT COLUMN look at the "Number of Ports"

Double click on the line item and increase the number until you see your users connecting.

This works for demand dial and remote access as router.

(Note: I have noticed that even though the "Ports" listing will show some "inactive", this is not a clear representation of how many are available based upon the protocol you are using.)
 
Hi Mark,

We are having an issue where we have set the number of ports to be 128 for
both PPTP and L2TP but no more than 16 simultaneous connection are allowed.

I am at my wits end trying to figure this one out. Any ideas?
 
Back
Top