Error accessing filesharing apps over a TUNNEL

Archived from groups: microsoft.public.win2000.security (More info?)

Hi,
I want to protect all my servers from the Internet and for filesharing/samba
(port 139&445) I want to use a SSL tunnel that redirects these traffic to
the actual server. It all works god for Windows 98, NT and 2k but doesn't
work for the Windows XP (for 2k Server as backend) but works for NT server
with XP client.

We did put a work around for the local 139/445 port also. Now real issue is
that when we are logging-into XP machine with cached credential (i.e PDC is
not accessible) then:

1. It prompts fo rthe U/P in NTLM dialog box (it happens only on XP).
2. If I enter my U/P as one used for the logon then I get error ("bad
credential same U/P was used for logon).
3. If I enter another domain U/P then I get different erros like ("No
authentication server available", "Unable to connect to Network", "You don't
have permission" etc....) on XP only.

Whereas if I follow the traffic then I see that actual fileserver has
received the data and sent back the error over the tunnel. Any help in this
regard is highly appreciated.

Note: We are opening only HTTP/HTTPS no other protocol for the communication
and tunneling the port 139/445 only for file sharing.


Thanks,
Ashok