Domain logins via PPP?

Doug VanLeuven roamdad at ibm.net
Thu Sep 23 04:40:01 GMT 1999



Steve Shoecraft wrote:

> (stuff deleted)

> internet, so it looks like I have the network component setup correctly.
> Here's the info:
>
>         x.x.x.x:255.255.255.0 - internet interface
>         192.168.69.1:255.255.255.0 - internal interface
>         192.168.69.80 -> 192.168.69.81 - ppp interface

> (stuff deleted)

>        The client is setup like this: Dialup Networking->(connection
> name)->Properties->Server types shows that the the logon to network box is
> checked.  For the protocols, only TCP/IP is checked.  The TCP/IP settings
> are to get the IP address and name server addresses from the server.  A look
> at ipconfig/All or winipcfg reports that the IP address is 192.168.69.81,
> netmask is 255.255.255.0, DNS server is 192.168.69.1 (which is correct --
> DNS server is on my firewall), and the WINS server is 192.168.69.2.

I think you are dialing into your firewall.
Check the deny counts with ipfwadm -Ile & -Ole and see if you're denying
packets that aren't accounted for.
I've used ipfwadm on dial-in & dial-out machines and had to have
a seperate set of rules for each ip connection.  It got so complicated, I
set up a directory in /var/run to add/delete the rules as seperate files
as the connections are made/dropped and execute them in order
out of ip-up & ip-down (Linux).  It got tricky.

Also, as far as I know, only NT allows roaming profile login over
dial-up (there's a check box on the login display).  I could be wrong.
95 & 98 you've already logged in when you dial the remote network.
We always keep the notebooks in a workgroup that's the same name
as the domain, rather than try & have the notebook in the domain.
That has always worked to update browse lists (eventually).

--
Doug VanLeuven : 707-545-6933 (voice) 707-545-6945 (fax)
Programmer/Analyst, SCWA : doug at scwa.ca.gov
Chief Engineer, USMM : roamdad at ibm.net




More information about the samba-ntdom mailing list