Solved

How to join a remote domain over IPSec?

Posted on 2006-06-27
Last Modified: 2010-03-19
We have 2 offices, the main office network details below:
ADSL Modem(Static IP) -> FireWall(192.168.100.1) -> Internal network(192.168.100.2-254)
The remote office network details below:
ADSL Modem(Static IP) -> FireWall(192.168.200.1) -> Internal network(192.168.200.2-254)

The VPN (IPSec) is established between these two sites through the firewall, and all IP addresses at both sites are dynamically assigned by the firewall. The PCs at both sites can ping each other only by IP address, not by PC name.
When I try to join the domain, it says "A domain controller for the domain could not be contacted". I think that's why I cannot join the remote office PCs to the main office domain, which has one DC and DNS server.

I need a solution to solve this problem. Anyone got any ideas?

Thanks a lot
Question by:hhubbo
5 Comments
 

Expert Comment

by:dreamer7749
ID: 16990632
It is related to what brand of firewall you used; some firewalls, like SonicWall, could do it.
 
LVL 26

Expert Comment

by:jar3817
ID: 16991484
In Active Directory, clients find domain controllers (and other info) using DNS, and it sounds like your DNS setup isn't quite working. Try setting the DNS server on all the workstations to the one DNS server in the other location. Once you are able to ping by DNS name you'll be able to join the domain.
 
LVL 79

Accepted Solution

by:
lrmoore earned 125 total points
ID: 16991753
Try creating a little 2-line LMHOSTS file and put it on the remote network PC. This LMHOSTS file simply identifies the domain and the domain controller. Pay attention to all the details of the file requirements as laid out here:
How to Write an LMHOSTS File for Domain Validation and Other Name Resolution Issues
http://support.microsoft.com/support/kb/articles/Q180/0/94.ASP 

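The two-line LMHOSTS file described in the answer above, as an added example that is not part of the original post: a small Python helper that builds the two entries and checks the detail that most often breaks them, the quoted domain name, which must be exactly 20 characters (the name padded with spaces to 15, plus the literal `\0x1b`). The address `192.168.100.10` and the names `DC01` and `CORP` are constructed placeholders; the page gives only the 192.168.100.x subnet.

```python
import ipaddress
import re

NB_NAME_LEN = 15        # NetBIOS name length before the one-byte type suffix
PDC_SUFFIX = r"\0x1b"   # literal five characters marking the <1B> domain entry
SPECIAL = re.compile(r'^\s*\S+\s+"([^"]*)"')   # IP followed by a quoted name


def build_lmhosts(dc_ip, dc_name, domain):
    """Return the two LMHOSTS lines mapping a domain to its domain controller."""
    ipaddress.IPv4Address(dc_ip)   # raises ValueError on a malformed address
    for label, name in (("DC name", dc_name), ("domain", domain)):
        if not 1 <= len(name) <= NB_NAME_LEN:
            raise ValueError(f"{label} must be 1-{NB_NAME_LEN} characters: {name!r}")
    padded = domain.ljust(NB_NAME_LEN) + PDC_SUFFIX   # always 20 characters
    return (f"{dc_ip}  {dc_name}  #PRE #DOM:{domain}\n"
            f'{dc_ip}  "{padded}"  #PRE\n')


def check_lmhosts(text):
    """List quoted special-name entries that break the 20-character rule."""
    problems = []
    for lineno, line in enumerate(text.splitlines(), 1):
        match = SPECIAL.match(line)
        if line.lstrip().startswith("#") or not match:
            continue   # comments and ordinary name entries are not checked here
        name = match.group(1)
        if len(name) != NB_NAME_LEN + len(PDC_SUFFIX):
            problems.append(
                f"line {lineno}: quoted name has {len(name)} characters, expected 20")
        elif not re.search(r"\\0x[0-9A-Fa-f]{2}$", name):
            problems.append(f"line {lineno}: quoted name lacks a \\0xNN suffix")
    return problems


if __name__ == "__main__":
    # Constructed sample values, not taken from the original thread.
    entries = build_lmhosts("192.168.100.10", "DC01", "CORP")
    print(entries, end="")
    print(check_lmhosts(entries) or "no problems found")
```

On the remote PC the output goes into `%SystemRoot%\System32\drivers\etc\lmhosts` (no file extension), and `nbtstat -R` reloads the `#PRE` entries into the NetBIOS name cache. Because the mapping is static, it has to be updated by hand if the domain controller's address changes.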
 
LVL 4

Assisted Solution

by:gbirkemeier
gbirkemeier earned 125 total points
ID: 16993607
What side is the Domain Controller on?

In order to get the UNC naming to work you need to configure WINS servers on each network.  In your DHCP configuration on the remote router create an entry for the WINS server in the other network where the DC (WINS server) resides.

If the DC is on the 192.168.100 network, then configure the clients on the 192.168.200 network with the IP address of the WINS server (usually the DC) in the 192.168.100 network.

If you have a DC on both sides of the network you will want to configure WINS replication on each server that points to the other WINS server: 192.168.100 <--> 192.168.200
 

Author Comment

by:hhubbo
ID: 17006103
I created a couple of entries in the LMHOSTS file, so I can join the remote domain now. Thanks lrmoore.
Also, I think setting up a WINS server would make it easier to handle all my PCs. Thanks gbirkemeier.
 