Log in to VPN before logging on to Windows Domain

  • Does Netscreen-remote have a feature similar to Cisco’s “start before logon”

    If not, what alternative clients that I can use with the Netscreen 5GT Plus can I download / buy that have this feature?

    Netscreen: 5GT Plus
    Domain Server: Windows 2003 running Active Directory
    Client: Windows XP SP2 currently running Netscreen-Remote 8.0

    Thanks for your help!

  • Hi, cant your users just map a drive to their folders?

    Or even run VNC to their PCs? (assuming they have an office PC).

  • Hi

    Does Netscreen-remote support “MSGINA” right now?
    I have had tested v8.5 and v10.1 and there were no "start before…"
    Is there another way to login windows domain after vpn connection has been established?

    thanks !!

  • I am currently using RDP from home over the Netscreen-Remote software… so for me it is fine, however the problem arises when we have laptop users who need to log in and see their files.

  • that would be the best way to go.

    we stuck with certificates and l2tp simply coz this is a temp solution while we reconfigure certain aspects of our network

  • Hi…

    you say you have the Windows VPN client up and running. Well… I guess you could get quite good security running L2TP with Certificates… Is that what you have up and running… I know that it’s a “sollution” that Netscreen/Juniper has documented, but it’s not really the optimal sollution. I really would like the GINA support in the IPsec client… Gives me a lot more options on how to secure my communication.

  • windows vpn client allows me to dial into my office vpn and use RDP to login to any computer in the office including the nt server and a linux server.

  • Thanks for the response. Would be great if someone can shed some further light on if this is possible with the Netscreen boxes.

  • Hi!

    The NS Remote client does not have “MSGINA” support. MSGINA are drivers that start early in the boot process and could add the “pre login support” you and a lot others request…

    I heard one NS/Juniper spokesman saying that they put a lot of effort in to the RA500/SA1000 products. In these products the VPN client does have “MSGINA” support and can get the tunnel up and running before windows authentication. No plans to add support for this in the IPsec client was mentioned… A bit lame if u ask me…

    A few tips on what to try:
    Nortel VPN Client and Stonegate VPN Client should have GINA support. Dont know if anyone has any of these clients up and running with a Netscreen box. If you do, please post it here!