This article was previously published under Q317506
This article has been archived. It is offered "as is" and will no longer be updated.
You may not be able to log on to your domain by using a virtual private network (VPN) if you have the Microsoft Proxy 2.0 client or the Microsoft Internet Security and Acceleration (ISA) Server 2000 client installed, and the proxy server can be reached only by using the VPN connection.
This behavior occurs only if you refer to the VPN server by a Domain Name System (DNS) name instead of by the IP address when you create the VPN connection.
Typically, the DNS server's IP address is not contained in the client computer's local address table (LAT). When the client computer tries to resolve the IP address for the VPN server, the client sends the name-resolution request to the proxy server. Because the client cannot reach the proxy server before the VPN connection is established, the name resolution for the VPN server times out.
To change this behavior, add the following lines to the master copy of the Mspclnt.ini file on the server that is running Proxy Server 2.0 or ISA Server 2000:
This behavior is by design.
Note that the resolution that is described in this article prevents Svchost from accessing the external network through a Winsock proxy. Therefore, the following services that are hosted by Svchost do not use a Winsock proxy and users can log on:
Remote Procedure Call (RPC) Windows Audio Background Intelligent Transfer Service Computer Browser Cryptographic Service DHCP Client Logical Disk Manager Error Reporting Service COM+ Event System Server Workstation Messenger Network Connections Network Location Awareness Remote Access Connection Manager Task Scheduler Secondary Logon System Event Notification Shell Hardware Detection System Restore Service Telephony Terminal Services Themes Distributed Link Tracking Client Upload Manager Windows Time Windows Management Instrumentation Portable Media Serial Number Automatic Update Wireless Zero Configuration DNS Client TCP/IP NetBIOS Helper Remote Registry SSDP Discovery Service WebClient