«

In order to process login scripts, you must use "start before login" on
windows NT based machines. the will essentially bring up the vpn dialer
before the user logs into the machine.



On Fri, 11 Jul 2003 08:22:30 -0500, Rob Franetovich wrote:

> I have a VPN set up using the Cisco PIX 501 Version 6.x and Cisco
> client version 4.0. The users are authenticated on a Win2K ISA box.
> The Pix assigns an IP address, DNS address and WINS address to the
> client successfully.
>
> Everything seems to work fine, but....
>
> The users are authenticated (I know because I tried to enter a bad
> password), and the VPn is tunnel is created. When I try to Ping any
> other IP address other than the one assigned to my client, it times
> out. Trying to Ping any Netbios name results in the same outcome. If
> I try to use the web once connected to the VPN I cannot reach anything
> at all.
>
> What I want is to have the internal network opened up just as if my
> user was sitting at his/her desk. I want a login script to run after
> the authentication, map drives, etc.
>
> Any ideas?
>
> Rob

I have *exactly* the same problem as the original poster. Once connected to
the PIX box from our remote site, I have:

- No access to resources behind the firewall (file servers, PC, Exchange)
- No access to the Internet

Disconnecting from the PIX box immediately restores Internet access.

I tried the solution suggested by the responder below, but it did not work.

I am now pretty desperate. I have spent weeks trying all sorts of things.
Surely someone knows what to do to make it work?

Thanks, Ian Easson

"Rik Bain" <> wrote in message
news inz.org...
> In order to process login scripts, you must use "start before login" on
> windows NT based machines. the will essentially bring up the vpn dialer
> before the user logs into the machine.
>
>
>
> On Fri, 11 Jul 2003 08:22:30 -0500, Rob Franetovich wrote:
>
> > I have a VPN set up using the Cisco PIX 501 Version 6.x and Cisco
> > client version 4.0. The users are authenticated on a Win2K ISA box.
> > The Pix assigns an IP address, DNS address and WINS address to the
> > client successfully.
> >
> > Everything seems to work fine, but....
> >
> > The users are authenticated (I know because I tried to enter a bad
> > password), and the VPn is tunnel is created. When I try to Ping any
> > other IP address other than the one assigned to my client, it times
> > out. Trying to Ping any Netbios name results in the same outcome. If
> > I try to use the web once connected to the VPN I cannot reach anything
> > at all.
> >
> > What I want is to have the internal network opened up just as if my
> > user was sitting at his/her desk. I want a login script to run after
> > the authentication, map drives, etc.
> >
> > Any ideas?
> >
> > Rob