[vpn-help] VPN login before domain login

Steven Godfrey sgodfrey at scg-atl.com
Wed Dec 26 10:32:06 CST 2012


Greg,

 

I didn't see the provider option when installing. But I went to the help
file and found this information of what I want to do but it is not
supported yet.

Although the VPN Client supports a rapidly growing feature set, it still
lacks some options found in the popular commercial solutions. Most of
these features will be added in future releases. Please read below for a
brief list.

 

*         Pre-Login Connection Support for AD/Domain Logins 

How did you get this to work if it is not supported? I am using 2.2.0 rc
2.

 

Thanks,

Steven

 

From: vpn-help-bounces at lists.shrew.net
[mailto:vpn-help-bounces at lists.shrew.net] On Behalf Of Greg Julius
Sent: Thursday, December 20, 2012 4:03 PM
To: 'vpn-help at lists.shrew.net'
Subject: Re: [vpn-help] VPN login before domain login

 

There are some great folks on the list here that can help determine what
gives with a problem.

 

The website has a section about how to submit bug reports.  The folks
here are much more knowledgeable than I about the whole handshake
procedure and can offer suggestions on what to tweak.  Almost everything
can be connected as there are lots of adjustment options available.
There are only a few things which are known not to work due to one thing
or another.

 

Perhaps post another message about luck/advice with the Netgear Prosafe
FVL328 device.  Certainly do so for the Cisco RV220W.  A quick look in
the archives for the FVL328 brought zero hits and only one other for the
RV220W.  Visit the archives via the support tab on the website.

 

-g

 

Your office accessible from anywhere - No More Hardware & Related
headaches

 

Greg Julius

E-mail:  Greg.Julius at WorkSpaceIM.com

Phone: 830-672-9068

 

From: vpn-help-bounces at lists.shrew.net
[mailto:vpn-help-bounces at lists.shrew.net] On Behalf Of Steven Godfrey
Sent: Thursday, December 20, 2012 2:00 PM
To: vpn-help at lists.shrew.net
Subject: Re: [vpn-help] VPN login before domain login

 

Greg,

 

That was very helpful information. I get a feel for how it works now, it
seems that shrew soft vpn client can actually be integrated with windows
login from what you have told me.

 

I will give a try to see how that works but the problem is that I do not
have a piece of hardware that actually works with it. I currently have a
netgear prosafe fvl328 firewall router that works with IPsec but I
cannot seem to get it to make the final connection. It has been a while
since I tried the shrew soft but when I did try it I believe from what I
saw in the log file that I was able to get it to connected through the
first and second phase but there seemed to have been a problem with the
key or the authentication. I think that shrew soft doesn't handshake the
same way as the netgear client software does with the fvl328.

 

Thank You,

Steven

 

From: vpn-help-bounces at lists.shrew.net
[mailto:vpn-help-bounces at lists.shrew.net] On Behalf Of Greg Julius
Sent: Thursday, December 20, 2012 2:39 PM
To: 'vpn-help at lists.shrew.net'
Subject: Re: [vpn-help] VPN login before domain login

 

Steven, you accidently sent straight to me instead of the list.  Reply
all is the best option, then remove the sender...

 

The Install program installs the necessary code and configuration
changes that get used when you logon to your system.  This is what I
referred to as the credentials provider.   During logon, Microsoft uses
the installed elements to interact with the ShrewSoft VPN service which
sets up the VPN connection and then continues the normal login process.
What you see from all of this is a "Tile" at login with VPN (I don't
have it with me currently so I can't give you the exact phraseology)
that you click to logon.

 

It's been a while since I last did this, but the process is something
like the following:

*         Select to install the provider when you install the Shrew VPN
software.  

*         Set up a connection and make sure it works.  

*         Set the desired connection as the default and logoff (or
reboot if you haven't done that yet).

*         At logon time there is a "tile" that has something to the
effect of logon with VPN - click it.

*         From there it will set up the connection using the credentials
provided and then immediately logon the session.  

*         Note - This means that the credentials used must be able to
set up a VPN connection in the first place so test using them while
doing the connection setup.

 

The simplest thing to do is just go ahead and install it on a Windows 7,
64 bit machine and take a gander.  I'd certainly do this before I
committed to a particular piece of hardware to see if it is what you are
looking for.

 

If anybody out there has more to add (or even corrections) jump on in as
it has been some time since I did this for a client.

 

Hope that Helps,

Merry Christmas,

-g

 

Your office accessible from anywhere - No More Hardware & Related
headaches

 

Greg Julius

E-mail:  Greg.Julius at WorkSpaceIM.com

Phone: 830-672-9068

 

From: Steven
Sent: Thursday, December 20, 2012 1:11 PM
To: Greg Julius
Subject: RE: [vpn-help] VPN login before domain login

 

Thanks for your reply. I am not familiar with the credentials provider.
Is that similar to a startup service at boot? Thank You, Steven

 

From: vpn-help-bounces at lists.shrew.net
[mailto:vpn-help-bounces at lists.shrew.net] On Behalf Of Greg Julius
Sent: Thursday, December 20, 2012 1:54 PM
To: 'vpn-help at lists.shrew.net'
Subject: Re: [vpn-help] VPN login before domain login

 

Steven,

Yes, the 2.2 versions have an installable credentials provider that will
work with Windows Vista & 7 (not XP and below however) on 64 bit
systems.

 

This version is now in Release Candidate stage and I have used the beta2
version for some time now and have found it very stable.

 

I don't know specifically how it will work with the Cisco RV220W
however.

 

-g

 

Your office accessible from anywhere - No More Hardware & Related
headaches

 

Greg Julius

E-mail:  Greg.Julius at WorkSpaceIM.com

Phone: 830-672-9068

 

From: vpn-help-bounces at lists.shrew.net
[mailto:vpn-help-bounces at lists.shrew.net] On Behalf Of Steven Godfrey
Sent: Thursday, December 20, 2012 12:33 PM
To: vpn-help at lists.shrew.net
Subject: [vpn-help] VPN login before domain login

 

Hello,

 

I plan on buying a cicso RV220W. The only problem is that it's VPN
client does not support login before domain login on the windows 7 64
bit clients. So I would like to go with Shrew Soft VPN client. Before I
purchase this router rather than going with the ASA AnyConnect router
which cost more I would like to know if ShrewSoft VPN client can startup
before login such as a windows service and connect to the vpn before I
login to the domain? I am currently using openVPN which does this but
the problem is that openVPN which is SSL does not work with my router
choices.

 

Thanks for your help,

Steven

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20121226/d53152f1/attachment-0002.html>


More information about the vpn-help mailing list