Trusted Connection to SQL fails after connecting to a VPN

active-directory sql-server vpn

I was also having this same issue and found the solution here:

http://social.technet.microsoft.com/forums/en-US/itprovistanetworking/thread/275599f0-6239-46a5-8245-50a5c13a2713/

You'll need to locate your VPN connections .pbk file.

You can find it here:

C:\Users\{WindowsLogin}\AppData\Roaming\Microsoft\Network\Connections\Pbk

Or if you have it set to allow all users to use the connection, you can find it here:

C:\ProgramData\Microsoft\Network\Connections\Pbk

Edit it with a text editor and find the line that says:

UseRasCredentials=1

Disable it by setting it to 0

UseRasCredentials=0

Did you ever figure this out? I think I know what your problem is.

  1. It's possible that the problematic VPN is a full tunnel, and if so, it could be the case that even unchecking the option for "use default gateway on remote network" won't help. With full tunnel VPN, when you're VPN'd in, ALL of your traffic will be on the VPN network, whether you like it or not. You can test this by going to a site such as ipchicken.com before you connect to the VPN, and then refresh the page again after you're connected. If the IP changes, then you're on a full tunnel.

  2. How are you trying to connect to SQL Server? Are you using an application, or SQL Server Management Studio? If you can run the program from a command line, you may have luck using the runas windows command with the /netonly switch. It enables you to be logged into one domain but run a program as a different domain user. Like this:

    runas /user:MYDOMAIN\MYUSER /netonly "C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\Ssms.exe"

Replace the domain, username, and path of SQL Server Manamgent Studio with the appropriate values.

When it asks you for the password, type in the password for the domain user you enetered. It will not authenticate the user at this point. Then when you open SSMS, connect to the DB in question like you normally would, and if it can't connect with your normal creds it should try to use the ones you entered with the runas command.

Related

ProCurve network expansion
Non-ECC memory on Proliant DL385 g5
What are the reasons for using telnet command?
Block Google requests to 16k using pf firewall
Windows 2008 startup script will not run?
Tree-root trust confusion
Reload and evil-reload in uwsgi config
How to get rid of "Input limit reached. [...]" warning
What are special spells?
How do I get to Zora's Domain?
Can we manually reduce the file size of Minecraft SMP server by just deleting .mcr files?
How can I get a bunch of 1-UPs in New Super Mario Bros(DS)?