Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeDNN Open Source...DNN Open Source...Provider and Extension ForumsProvider and Extension ForumsAuthenticationAuthenticationNeed help with VPN accessNeed help with VPN access
Previous
 
Next
New Post
3/26/2007 2:55 PM
 
Hal Saville

Joined: 12/12/2005
Posts: 26

Hi folks,

I am using DNN 4.4.1 in an Intranet setting with additional network access through a VPN. I have been doing AD authentication for a while now and have pretty well got intranet auto-authentication working on my production portal. On my development portal, where I test new functionality, I have had good success with auto authentication and auto login especially in the intranet realm. Where I am encountering issues is when I try to make all this work with myVPN from SonicWall (SSL-VPN appliance). It uses the NetExtender client and once configured, allows auto-login using AD network credentials. But there are a few glitches that need to be worked out to be ready for the production server.

A. First, the auto-login seems to timeout after 60 minutes, even when I extend the timeout period to something much longer in two places in the web.config file. Beyond that time, The windows Server pop-up authentication dialogue requires me to log into the server again. I understand that this is handled by a cookie but I can't seem to find a way to extend this period.

 

B. Second, If I log out of the website after auto-login, the cookie seems to reset itself to unauthenticated and trying to authenticate against AD generates an error and no longer works unless the cookie is deleted. Accounts such as admin and host plus any manually registered work fine however.

 C. A third issue I have encountered is that the Auto-login seems to auto authenticate to one particular AD account, even if I log out, delete the cookie, restart the computer , reconnect across the VPN with a different account and even use a different account on the workstation. Is there something in DNN that keeps track of the network card on instance of windows and reverts to a default account even if the log-in is to another account?

Looking forward to any possible help :>)

Hal

 
 
New Post
3/27/2007 2:18 PM
 
Dan Ball

Joined: 1/31/2005
Posts: 771

I use the built-in VPN function of the Windows Server, so I don't run into those issues, but it sounds like you're not directly connected.  In that I mean that your VPN box is acting as a middle-man instead of simply a gateway, and is not passing the correct authentication packets (at least in a timely fashion).   Since I have not worked with that particular unit, all I can do is to recommend looking at the setting of that closer, and figure out why it is timing out.

Another option you can do, if you can authenticate to "other" computers, is to do a Remote Desktop session to a computer on your Intranet and use that one for accessing your website.  I do that all the time to access my desktop computer from home.
 
New Post
3/28/2007 1:26 PM
 
Hal Saville

Joined: 12/12/2005
Posts: 26

Hi Dan, thanks for your reply. Unfortunately with over 300 potential VPN users a remote desktop solution would not work. What do you mean by "built-inVPN function of Windows Server"? What I am wondering is whether the problem lies in the VPN setup or in the website setup.

Does anyone know how the cookies for login work who could explain how to extend their expiration? There are two places in the web.config file where this can be set as well as in IIS. I have tried all of these without success in extending the time.

 
New Post
3/28/2007 2:42 PM
 
Dan Ball

Joined: 1/31/2005
Posts: 771
hssaville wrote

What do you mean by "built-inVPN function of Windows Server"? What I am wondering is whether the problem lies in the VPN setup or in the website setup.

If you are running Windows Server (which you must be if you are running AD and DNN), you already have VPN access.  It's called Routing and Remote Access, and is installed on almost every server by default.  All you need is a secondary network card in a server, and set it up to allow VPN access.   You only really need an external VPN box like that if you are running a non-Windows network.

I strongly suspect that your VPN box isn't doing proper authentication, which is why you're running into these problems.  While it may "authenticate" to the server, it isn't really passing the complete information, and thereby making authentication to other servers (like DNN) difficult.   Play around with the cookies all you want, but if that box is blocking the packets it won't make a difference.

 
 
 Page 1 of 1
Previous
 
Next
HomeHomeDNN Open Source...DNN Open Source...Provider and Extension ForumsProvider and Extension ForumsAuthenticationAuthenticationNeed help with VPN accessNeed help with VPN access


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out