[vpn-help] VPN login before domain login

Greg Julius greg.julius at workspaceim.com
Wed Dec 26 11:33:09 CST 2012 

Steven,

I just downloaded rc2 and checked it out and, sure 'nuff, it ain't there.

So, just to make sure I wasn't crazy, I fired up the beta2 copy I have and it does have it.

I have installed the beta 2 on windows 8 and it works just fine for me.  I had to set compatibility to Win 7, but other than that it worked fine for me.  If you are using Win 7 (or server 2008R2) or earlier it should just install.  The Credential Provider is an install-time option.

Where it went or why it went I don't recall seeing from the mail list.  Perhaps another can fill us both in on the details and expected timeline for this feature to be re-included.

-g

Your office accessible from anywhere - No More Hardware & Related headaches

Greg Julius
E-mail:  Greg.Julius at WorkSpaceIM.com
Phone: 830-672-9068

From: Steven Godfrey [mailto:sgodfrey at scg-atl.com]
Sent: Wednesday, December 26, 2012 10:32 AM
To: Greg Julius; vpn-help at lists.shrew.net
Subject: RE: [vpn-help] VPN login before domain login

Greg,

I didn't see the provider option when installing. But I went to the help file and found this information of what I want to do but it is not supported yet.
Although the VPN Client supports a rapidly growing feature set, it still lacks some options found in the popular commercial solutions. Most of these features will be added in future releases. Please read below for a brief list.

*         Pre-Login Connection Support for AD/Domain Logins
How did you get this to work if it is not supported? I am using 2.2.0 rc 2.

Thanks,
Steven

From: vpn-help-bounces at lists.shrew.net<mailto:vpn-help-bounces at lists.shrew.net> [mailto:vpn-help-bounces at lists.shrew.net] On Behalf Of Greg Julius
Sent: Thursday, December 20, 2012 4:03 PM
To: 'vpn-help at lists.shrew.net'
Subject: Re: [vpn-help] VPN login before domain login

There are some great folks on the list here that can help determine what gives with a problem.

The website has a section about how to submit bug reports.  The folks here are much more knowledgeable than I about the whole handshake procedure and can offer suggestions on what to tweak.  Almost everything can be connected as there are lots of adjustment options available.  There are only a few things which are known not to work due to one thing or another.

Perhaps post another message about luck/advice with the Netgear Prosafe FVL328 device.  Certainly do so for the Cisco RV220W.  A quick look in the archives for the FVL328 brought zero hits and only one other for the RV220W.  Visit the archives via the support tab on the website.

-g

Your office accessible from anywhere - No More Hardware & Related headaches

Greg Julius
E-mail:  Greg.Julius at WorkSpaceIM.com<mailto:Greg.Julius at WorkSpaceIM.com>
Phone: 830-672-9068

From: vpn-help-bounces at lists.shrew.net<mailto:vpn-help-bounces at lists.shrew.net> [mailto:vpn-help-bounces at lists.shrew.net] On Behalf Of Steven Godfrey
Sent: Thursday, December 20, 2012 2:00 PM
To: vpn-help at lists.shrew.net<mailto:vpn-help at lists.shrew.net>
Subject: Re: [vpn-help] VPN login before domain login

Greg,

That was very helpful information. I get a feel for how it works now, it seems that shrew soft vpn client can actually be integrated with windows login from what you have told me.

I will give a try to see how that works but the problem is that I do not have a piece of hardware that actually works with it. I currently have a netgear prosafe fvl328 firewall router that works with IPsec but I cannot seem to get it to make the final connection. It has been a while since I tried the shrew soft but when I did try it I believe from what I saw in the log file that I was able to get it to connected through the first and second phase but there seemed to have been a problem with the key or the authentication. I think that shrew soft doesn't handshake the same way as the netgear client software does with the fvl328.

Thank You,
Steven

From: vpn-help-bounces at lists.shrew.net<mailto:vpn-help-bounces at lists.shrew.net> [mailto:vpn-help-bounces at lists.shrew.net] On Behalf Of Greg Julius
Sent: Thursday, December 20, 2012 2:39 PM
To: 'vpn-help at lists.shrew.net'
Subject: Re: [vpn-help] VPN login before domain login

Steven, you accidently sent straight to me instead of the list.  Reply all is the best option, then remove the sender...

The Install program installs the necessary code and configuration changes that get used when you logon to your system.  This is what I referred to as the credentials provider.   During logon, Microsoft uses the installed elements to interact with the ShrewSoft VPN service which sets up the VPN connection and then continues the normal login process.  What you see from all of this is a "Tile" at login with VPN (I don't have it with me currently so I can't give you the exact phraseology) that you click to logon.

It's been a while since I last did this, but the process is something like the following:

*         Select to install the provider when you install the Shrew VPN software.

*         Set up a connection and make sure it works.

*         Set the desired connection as the default and logoff (or reboot if you haven't done that yet).

*         At logon time there is a "tile" that has something to the effect of logon with VPN - click it.

*         From there it will set up the connection using the credentials provided and then immediately logon the session.

*         Note - This means that the credentials used must be able to set up a VPN connection in the first place so test using them while doing the connection setup.

The simplest thing to do is just go ahead and install it on a Windows 7, 64 bit machine and take a gander.  I'd certainly do this before I committed to a particular piece of hardware to see if it is what you are looking for.

If anybody out there has more to add (or even corrections) jump on in as it has been some time since I did this for a client.

Hope that Helps,
Merry Christmas,
-g

Your office accessible from anywhere - No More Hardware & Related headaches

Greg Julius
E-mail:  Greg.Julius at WorkSpaceIM.com<mailto:Greg.Julius at WorkSpaceIM.com>
Phone: 830-672-9068

From: Steven
Sent: Thursday, December 20, 2012 1:11 PM
To: Greg Julius
Subject: RE: [vpn-help] VPN login before domain login

Thanks for your reply. I am not familiar with the credentials provider. Is that similar to a startup service at boot? Thank You, Steven

From: vpn-help-bounces at lists.shrew.net<mailto:vpn-help-bounces at lists.shrew.net> [mailto:vpn-help-bounces at lists.shrew.net] On Behalf Of Greg Julius
Sent: Thursday, December 20, 2012 1:54 PM
To: 'vpn-help at lists.shrew.net'
Subject: Re: [vpn-help] VPN login before domain login

Steven,
Yes, the 2.2 versions have an installable credentials provider that will work with Windows Vista & 7 (not XP and below however) on 64 bit systems.

This version is now in Release Candidate stage and I have used the beta2 version for some time now and have found it very stable.

I don't know specifically how it will work with the Cisco RV220W however.

-g

Your office accessible from anywhere - No More Hardware & Related headaches

Greg Julius
E-mail:  Greg.Julius at WorkSpaceIM.com<mailto:Greg.Julius at WorkSpaceIM.com>
Phone: 830-672-9068

From: vpn-help-bounces at lists.shrew.net<mailto:vpn-help-bounces at lists.shrew.net> [mailto:vpn-help-bounces at lists.shrew.net] On Behalf Of Steven Godfrey
Sent: Thursday, December 20, 2012 12:33 PM
To: vpn-help at lists.shrew.net<mailto:vpn-help at lists.shrew.net>
Subject: [vpn-help] VPN login before domain login

Hello,

I plan on buying a cicso RV220W. The only problem is that it's VPN client does not support login before domain login on the windows 7 64 bit clients. So I would like to go with Shrew Soft VPN client. Before I purchase this router rather than going with the ASA AnyConnect router which cost more I would like to know if ShrewSoft VPN client can startup before login such as a windows service and connect to the vpn before I login to the domain? I am currently using openVPN which does this but the problem is that openVPN which is SSL does not work with my router choices.

Thanks for your help,
Steven
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20121226/af9c0ec3/attachment-0002.html>

More information about the vpn-help mailing list