Hello everyone,I have an ISA server running as a VPN gateway for mobile users. The mobile users are logged on their machines using user accounts (not ADMINs!) and they are using the VPN connection all the times with no problems.However, sometimes these mobile users needs administrator interventions for tech supportand here comes the problem: when someoneis logged on as userandisconnected to the VPN, and I try to connect to his/herPC using remote desktop then the VPN connection drops right in the moment they allow the administrator to log on their PC. Still the regular user is not completely logged off and it's programs continue to run in the background. Even the VPN connection is running in the background, and when the user logs on again the VPN connection is restored!So, it seems that VPN gets disconnected as long as the user gets disconnected from the console. This happens on both XP and Vistawhen the connection to the VPN is created for the user only. The RDP connection works ok when the VPN connection is created by an administratorfor "All Users" or when Ilog on with the same user account as the one logged on locally.However I really need to have the connection initiated by the user as I am not allowed to give the ADMIN credentials to the mobile users.If someone knows how to keepit connected please help!Below is the connection log:******************************************************************Operating System : Windows NT 5.1 Service Pack 3Dialer Version : 7.2.2600.5512Connection Name : UNW VPN ConnectionAll Users/Single User : Single UserStart Date/Time : 1/16/2009, 17:11:37******************************************************************Module Name, Time, Log ID, Log Item Name, Other InfoFor Connection Type, 0=dial-up, 1=VPN, 2=VPN over dial-up******************************************************************[cmdial32]17:11:3703Pre-Init EventCallingProcess = C:\DOCUME~1\usr\LOCALS~1\Temp\IXP000.TMP\cmstp.exe[cmdial32]17:15:3504Pre-Connect EventConnectionType = 1[cmdial32]17:15:3506Pre-Tunnel EventUserName = client Domain = DUNSetting = VPN Connection Tunnel DeviceName = TunnelAddress = vpn.domain.net[cmdial32]17:15:3607Connect Event[cmdial32]17:15:3609Custom Action ExeActionType = Connect Actions Description = IP Config ActionPath = C:\Documents and Settings\usr\Application Data\Microsoft\Network\Connections\Cm\UNVPN\SHOWIP.BAT. The program was launched successfully.[CMMON32] 17:16:1825External Disconnect due to Lost Connection [this is where ADMIN logs on][CMMON32] 17:17:0513Reconnect Event [this is where USER logs on again]Thanks and best regards,Alex.

Hi, I think that the root cause may be: when the administrator logs on the computer with RDP connection, the remote users logon session gets locked and the VPN connection drops as a result. If this is the case, it should be an expected behavior. Based on my research, I found that a VPN connection assigned for all users on this computer should be a possible workaround. The administrator can setup a VPN connection for all users on the computer in advance and there is no need to give the mobile users the ADMIN permission then. Also, we can centrally control the users VPN dial-in permissions in AD. So, setting up a VPN connections for all users on client computers should not led to security problems. Hope this helps. Nicholas Li - MSFTNicholas Li - MSFT