Remote Access

philtaylor
Level 1

Apologies in advance for the rather long-winded nature of this message. Hopefully you'll understand what I'm talking about.

We have a Cisco RSA Ace/server remote access system. On the outside of our network is a 2600 router which is connected to our firewall (Checkpoint firewall-1 v4.1 SP5 running on NT4 SP6a) via its DMZ interface card.

We have found that in order to get a user logged onto our domain over the RAS, their computer must have previously logged onto the domain whilst connected directly to the LAN (i.e. the user's profile must be on the computer already).

If I dial in using a computer without my profile on there, it will let me create a computer account on the domain, but when attempting to log in it says the domain is unavailable. Authentication on the RAS router is not a problem.

We have other WAN links which allow users at other sites to log in without their profiles being already set up, so the firewall services etc are already in place, and as far as I can see, the RAS should behave the same as those WAN links as it has been put in the same groups etc on the firewall.

Can anyone suggest any reason why it won't let us do this?

Regards,

Phil.

2 Replies

r-simpson
Level 3

Hi Phil,

Not very clear what is wrong. Maybe this page might be of some help.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_user_guide_chapter09186a008007dee3.html

Found the answer to this one. It is simply a matter of waiting one minute after receiving the "cannot logon because the domain is unavailable" message, then attempting the domain logon again, and then it works. I found this hint on a page talking about VPNs.

Thanks for your response.

Phil.
