Solved

Joining a Windows 2003 domains throught a site to site VPN

Posted on 2008-10-05
4
211 Views
Last Modified: 2010-03-17
I have jiust setup a site-to-site VPN using a Watchguard XCore 550 and a Watchguard Edge X10e.
Site A: Server/Domain Controller/DNS (static IP)
Site B: workstations with Win XP Pro (dynamic IP)

I have setup the PCs with the following network settings:
DNS 1: Ip of the Domain Controller

When I try to join the domain it returns a DNS error.

What should I do? I have tried to ping the dns using : servername.domain.local and it respons correctly.

Help me it's very urgent!
0
Comment
Question by:ssardella
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 

Author Comment

by:ssardella
ID: 22647200
I forgot:

Site A: 192.168.19.0/24
Site B: 192.168.21.0/24

I have added to the DNS server the A record of the workstations at site B and added the PRT records for that subnet..
0
 
LVL 4

Expert Comment

by:lscapa
ID: 22649425
It might be a MTU packet size issue. Whats the largest packet size you can ping through?
ping HOST -l 1472 -f
This will keep it from fragmenting the packet. You hopefully will see something like:
"Packet needs to be fragmented but DF set."
 
If so you'll need to reconfigure your routers to handle at least a 1500kb packet if not more.
0
 
LVL 3

Accepted Solution

by:
tismetoo earned 500 total points
ID: 22650430
Can you post the exact DNS error. Also when you are trying to connect to the domain, are you trying to resolve the Netbios name ie DOMAIN or the DNS name ie domain.local? Try to connect to the domain using the FQDN - domain.local as specified on the DNS server on your DC.

You also need other ports open between the 2 sites, other than DNS. Do you have policies blocking ports between the sites or is it an open link, allowing any traffic?
0
 

Author Comment

by:ssardella
ID: 22655262
I made it :)

I was just very tired and had not noticed that the firewall at the other end was blocking DNS requests...sorry guys...anyhow thanks for the help!
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
Here's a look at newsworthy articles and community happenings during the last month.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question