Please Read: Significant Update Planned, Migrating Forum Software This Month

See more
See less

VPN Tunnel and Vista Security

  • Filter
  • Time
  • Show
Clear All
new posts

  • VPN Tunnel and Vista Security

    I have a PPTP VPN tunnel between myself and a client's ADSL router which is created and established in the usual way through XP or Vista. Once connected, I have access to their servers via VNC or by simply using Explorer. When attempting to access a server using Explorer I should be prompted for the Active Directory domain/username and password.

    However, I am only prompted for security credentials when using XP. If I use Vista, I am not and can can get to anyway with any restriction. Not a problem for me, but certainly for end users who have the same type of remote access.

    I have tried three Vista PC's ( one a fresh VM build, so no saved passwords ) and I am not prompted for any usernames or passwords. But trying three XP PC's and I am challenged everytime.

    The VPN username and password on the router are completly different to any AD account they have, so it cannot wher eit maybe getting the detail from.

    This is the only site where we maintain not only their remote access using this method, but also their AD. So I cannot test on another site easily without arousing suspision of a security vunerability

    Any ideas ????

  • #2
    Re: VPN Tunnel and Vista Security

    Problem solved

    Vista automatically uses the VPN credentials to authenticate with a remote Active Directory, where as XP does not. Fine if you are using W2k3 RAS, but not if you use a router and happen to somehow duplicate the login details. ( in my case only the username was the same )

    Now, I had changed the password for the AD user that matched my router VPN user, but Vista still let me through. However, i have changed the AD users password again today and it now asks me for a AD username and password when I attempt to access any remote network resource.

    I have tried this on some other Vista PC's and I no longer have the problem.

    One to be aware of I suppose.