Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cant Join Win 2003 Domain Over Vpn


  • Please log in to reply
13 replies to this topic

#1 gavinseabrook

gavinseabrook

  • Members
  • 773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:El Paso
  • Local time:06:29 PM

Posted 09 July 2007 - 01:07 PM

Hello All

Ive been having this trouble. I have a client whose 2000 server died, and we transfered all their data to a new server. Setup DHCP on server, WINS, and DNS with Active Directory. Now all the clients that are in the same IP range of the main office have NO PROBLEMS connecting to the domain. Yet all the clients connecting over a hardware VPN cant. Here is a small diagram


MAIN OFFICE (192.9.200.- scheme)>Router>Internet>Router>Other office (192.9.203.-) scheme.

Everytime we try to join the domain, we get an error saying it cant be contacted. Yet we can ping the IP of the domain server, and NSLOOKUP sees that the default server is the proper domain (w11243-1.w11243dom.com).

I have tried everything I could think of, but have no luck what so ever. Anyone able to come up with some suggestions?

Gavin Seabrook

 


BC AdBot (Login to Remove)

 


m

#2 acklan

acklan

    Bleepin' cat's meow


  • Members
  • 8,529 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Baton Rouge, La.
  • Local time:07:29 PM

Posted 09 July 2007 - 01:14 PM

Have you checked to see if the port that are forwarded on the router match the new server?
"2007 & 2008 Windows Shell/User Award"

#3 gavinseabrook

gavinseabrook
  • Topic Starter

  • Members
  • 773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:El Paso
  • Local time:06:29 PM

Posted 09 July 2007 - 10:54 PM

what port needs to be open and pointing to where?

Gavin Seabrook

 


#4 oldf@rt

oldf@rt

  • Members
  • 2,609 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Avondale, Arizona USA
  • Local time:06:29 PM

Posted 09 July 2007 - 11:06 PM

Try installing IIS services to listen on port 80. If not installed, your vpn will not work correctly, also, make sure that LMHosts is enabled.
The name says it all -- 59 and holding permanently

**WARNING** Links I provide might cause brain damage

#5 gavinseabrook

gavinseabrook
  • Topic Starter

  • Members
  • 773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:El Paso
  • Local time:06:29 PM

Posted 09 July 2007 - 11:25 PM

could you instruct me on doing so?

Gavin Seabrook

 


#6 oldf@rt

oldf@rt

  • Members
  • 2,609 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Avondale, Arizona USA
  • Local time:06:29 PM

Posted 10 July 2007 - 12:02 AM

easy enough {Start} {Control Panel} {Add Remove Programs} [Add/Remove windows components] Check IIS, click the details button to add what specific components that you need, and to configure each component of IIS. This is done on the server. If you already have IIS running there you need to check configuration of all components.

Edited by oldf@rt, 10 July 2007 - 12:05 AM.

The name says it all -- 59 and holding permanently

**WARNING** Links I provide might cause brain damage

#7 gavinseabrook

gavinseabrook
  • Topic Starter

  • Members
  • 773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:El Paso
  • Local time:06:29 PM

Posted 10 July 2007 - 12:25 AM

One problem I see is I can only ping the DNS server by IP. No Host name or FQDN. How would I resolve this first?

Gavin Seabrook

 


#8 oldf@rt

oldf@rt

  • Members
  • 2,609 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Avondale, Arizona USA
  • Local time:06:29 PM

Posted 10 July 2007 - 01:36 AM

Check your subnet mask
The name says it all -- 59 and holding permanently

**WARNING** Links I provide might cause brain damage

#9 gavinseabrook

gavinseabrook
  • Topic Starter

  • Members
  • 773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:El Paso
  • Local time:06:29 PM

Posted 10 July 2007 - 10:43 AM

subnet seems fine, yet i still cant get name resolution. From the server, I can ping by name across the vpn, but not from the other way around.

Gavin Seabrook

 


#10 oldf@rt

oldf@rt

  • Members
  • 2,609 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Avondale, Arizona USA
  • Local time:06:29 PM

Posted 10 July 2007 - 11:12 AM

Do you have the DNS service running on the local computers and have you added the server name and ip to the hosts file?
The name says it all -- 59 and holding permanently

**WARNING** Links I provide might cause brain damage

#11 gavinseabrook

gavinseabrook
  • Topic Starter

  • Members
  • 773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:El Paso
  • Local time:06:29 PM

Posted 10 July 2007 - 04:56 PM

I dont believe that the DNS service is running on the local computers. But I do have the Preferred DNS as the DNS addy of the server.

No I did not check the host files, but I did talk to the router manufacturer and they helped me point the routers to the proper WINS server. This allowed the XP machines on the other side of the VPN to get to the screen where you place in the admin user and password to join the domain, but then I recieve an error saying the DNS could not perform the requested opertations. NSlookup finds the server name on these machines, yet I still cant ping bythe name of the server.

Gavin Seabrook

 


#12 oldf@rt

oldf@rt

  • Members
  • 2,609 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Avondale, Arizona USA
  • Local time:06:29 PM

Posted 10 July 2007 - 09:09 PM

Try this M$ Knowledgebase article on WINS. Hopefully, it will resolve your issue.
The name says it all -- 59 and holding permanently

**WARNING** Links I provide might cause brain damage

#13 tos226

tos226

    BleepIN--BleepOUT


  • Members
  • 1,568 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:LocalHost
  • Local time:08:29 PM

Posted 11 July 2007 - 09:53 PM

2000 likes NetBios bound to TCP/IP to resolve names. And of course all the user rights and all that in policies.

#14 gavinseabrook

gavinseabrook
  • Topic Starter

  • Members
  • 773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:El Paso
  • Local time:06:29 PM

Posted 16 July 2007 - 02:18 PM

Well one thing I have noticed is that on one of their remote offices, i still cant ping the Name of the server. YET I can join the domain! So I dont know what could be wrong with the other office. The routers are configured the same way, allowing the same stuff, yet just cant connect.

Gavin Seabrook

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users