Mapping Drive problem with VPN 1

[TB0NE]

I am certain this is a Windows issue even though I only get the problem when connecting through VPN. I've also posted this issue in the VPN forum. Read on and I'll explain.

The PROBLEM is that I cannot map a drive letter on a client PC (W2K pro) when connecting through Cisco VPN client. I also cannot access network resources by typing in the UNC path. I CAN ping by name and by IP address. This is for a PC that is a memeber of the domain but has been moved to a users house. When I attempt to map a drive the system hangs for 2 -3 minutes then reports the following:

An error occured while reconnecting L: to \\ServerName\ShareName. Microsoft Windows Network: There are currently no logon servers available to service the logon request. This connection has not been restored.

I also get an event ID 3034 - The redirector was unable to initialize security context or query context attributes.


The reason I am sure this is a Windows problem is because I have 9 other users who can successfully map drive letters while connected via VPN. These users are a combination of W2K pro and XP pro. The PC's are both domain members and non-members.

The successful login scenario is as follows:

The client boots the PC and logs in using his/her cached profile. (Some PC's are not domain members so they are using their standard local profile). At this point, mapped drives are not accessible. The user then fires up the VPN client and authenticates with the ROUTER. If a user is using a cached profile (PC is a member of the domain and user entered network credentials)then access to the mail server and mapped drives is allowed. Users can access their mapped drives and can create new mappings. If the PC is not a member of the domain (and they use a local machine username and password), they are prompted for their domain credentials. Once authenticated, they have access to mapped drives and can create new mappings.

I know that was long winded but any ideas would be greatly appreciated.

Thanks!

 

[garpal]

TBONE,

This won't solve your whole problem, but try mapping the drive letter by IP address and see if it works. In my case...I've got a problem replicating through a VPN and two of my W2K servers won't map drives by name (\\server\drive$), but they will map using IP address (\\x.x.x.x\drive$). I don't know why. I get the same error message as you about the redirector not initializing security context.

This may show whether or not you can reach the other end of the VPN.

Good Luck

 

[monkieboi]

edit the host file on the client machine to point to it!
give it a kick start!

 

[GlenJohnson]

monkieboi has a good point. Hosts aren't supposed to be used, but sometimes they come in handy. Glen A. Johnson
Johnson Computer Consulting
MCP W2K
glen@johnsoncomputers.us

Want to get great answers to your Tek-Tips questions? Have a look at FAQ219-2884
"Since we cannot know all that there is to be known about anything,
we ought to know a little about everything."
Blaise Pascal

 

[DracoPaladin]

I am having a similar problem in a similar situation.

First, let me explain that I am the end user, not the IT dept. Bearing in mind that I 'could do the IT guys job better than he does'.

I am using WinXP Pro on my laptop. use same docking station at home and at work with same model NIC.

at work I can access all drive shared. at home over vpn I cannot access ALL drive shares, but I can access some. When I attempt to ping the most important one 'ROC' I am unable to ping it, when I ping 'printer' I can ping it. I don't know what the ip address is for 'ROC' but I intend to find out and try ping IP instead of host name.

I am thinking this might be a WINS problem?...

any ideas are appreciated.

 

[fuunstatic]

pinging when outside a company's network is not always a good test as we for instance disable ICMP replys

a good test we use is to try telnetting to the server in question to establish that a network connection exist

Getting back to TBONE's problem

do you have a DNS on your DMZ that outside users can access to cure rolution problems?

 

[TB0NE]

Update:

I have tried mapping via IP address with the same result. I have also setup a host file to resolve the name to no avail. However, name resolution does not seem to be the problem. I can ping by name and by IP address. I can also access the mail server using the full Outlook client.

To Immacola's question: The Cisco Router assigns DNS server addresses to the client once authenticated. These servers are internal. I have no systems in the DMZ. The router is not, however, assigning any WINS addresses. Could this be a problem? Keep in mind that 9 other users are fine under the current configuration.

I've also looked into another possibility but if any of you think I'm tilting windmills, just holler.

The Event ID 3034 error that I mentioned in the original post refers to the MRXSMB.sys file. This file along with rdbss.sys manage and open remote sessions and perform file system operations (open, close, read, write etc..) It turns out that there have been 12 revisions to this file since April '02. However, I cannot get the latest version without a phone call to M$. Should I try new .sys files and does anybody have access to a version newer than 7/22/02? I already have SP3 loaded and all the latest hot fixes. Somebody stop me. I'm on the verge of formatting this machine.

All of your responses are greatly appreciated.

Thanks Again.