"Sunny" <sunnybudd@gmail.com> wrote in message
news:1145999598.376696.15860@i39g2000cwa.googlegroups.com...
> Hi All,
>
> (I am hoping for some inspiration here)
>
> We have a problem which has appeared in the past few weeks where our
> laptop users remotely connect with XP SP1 and SP2 laptops to Windows
> 2003 SP1 AD network using Cisco VPN client. Transport is one of:
>
> 1) modem PSTN connection
> 2) broadband connection
> 3) Vodaphone 3G datacard connection.
>
> They connect to Cisco VPN before logging onto Windows so the Windows
> login process completes cleanly and scripts run etc...They then launch
> IE which has our https intranet page as home page and which is
> configured to use integrated authentication (hosted on IIS 6 + Windows
> server 2003 SP1). HERE is the problem - when the connection is made
> over 1) or 2) then the integrated authentication works correctly but
> when 3) is used then the user is prompted for credentials which must be
> entered in the format domain\username + password before the page is
> displayed.
>
> We have tried security auditing on DC, IIS server and on laptop but
> only get success and failures for logons when correct / incorrect
> credentials are entered at the pop-up box after integrated
> authentication has failed.
>
> Anyone got any ideas how I could get to the bottom of this? Why would
> it be different with a 3G card - it does not make sense? any IIS log
> files or traces I could run (I have tried packet sniffing with Ethereal
> but can't see unencrypted VPN traffic)
>
> Thx, S
>

Ken Schaefer wrote:
> Hi,
>
> Have you checked this KB article yet to verify that all the conditions for
> an IE auto-logon attempt are in place?
> http://support.microsoft.com/?id=258063
>
> Cheers
> Ken
>
> "Sunny" <sunnybudd@gmail.com> wrote in message
> news:1145999598.376696.15860@i39g2000cwa.googlegroups.com...
> > Hi All,
> >
> > (I am hoping for some inspiration here)
> >
> > We have a problem which has appeared in the past few weeks where our
> > laptop users remotely connect with XP SP1 and SP2 laptops to Windows
> > 2003 SP1 AD network using Cisco VPN client. Transport is one of:
> >
> > 1) modem PSTN connection
> > 2) broadband connection
> > 3) Vodaphone 3G datacard connection.
> >
> > They connect to Cisco VPN before logging onto Windows so the Windows
> > login process completes cleanly and scripts run etc...They then launch
> > IE which has our https intranet page as home page and which is
> > configured to use integrated authentication (hosted on IIS 6 + Windows
> > server 2003 SP1). HERE is the problem - when the connection is made
> > over 1) or 2) then the integrated authentication works correctly but
> > when 3) is used then the user is prompted for credentials which must be
> > entered in the format domain\username + password before the page is
> > displayed.
> >
> > We have tried security auditing on DC, IIS server and on laptop but
> > only get success and failures for logons when correct / incorrect
> > credentials are entered at the pop-up box after integrated
> > authentication has failed.
> >
> > Anyone got any ideas how I could get to the bottom of this? Why would
> > it be different with a 3G card - it does not make sense? any IIS log
> > files or traces I could run (I have tried packet sniffing with Ethereal
> > but can't see unencrypted VPN traffic)
> >
> > Thx, S
> >