Solved

Joining a Windows 2003 domains throught a site to site VPN

Posted on 2008-10-05
4
209 Views
Last Modified: 2010-03-17
I have jiust setup a site-to-site VPN using a Watchguard XCore 550 and a Watchguard Edge X10e.
Site A: Server/Domain Controller/DNS (static IP)
Site B: workstations with Win XP Pro (dynamic IP)

I have setup the PCs with the following network settings:
DNS 1: Ip of the Domain Controller

When I try to join the domain it returns a DNS error.

What should I do? I have tried to ping the dns using : servername.domain.local and it respons correctly.

Help me it's very urgent!
0
Comment
Question by:ssardella
  • 2
4 Comments
 

Author Comment

by:ssardella
ID: 22647200
I forgot:

Site A: 192.168.19.0/24
Site B: 192.168.21.0/24

I have added to the DNS server the A record of the workstations at site B and added the PRT records for that subnet..
0
 
LVL 4

Expert Comment

by:lscapa
ID: 22649425
It might be a MTU packet size issue. Whats the largest packet size you can ping through?
ping HOST -l 1472 -f
This will keep it from fragmenting the packet. You hopefully will see something like:
"Packet needs to be fragmented but DF set."
 
If so you'll need to reconfigure your routers to handle at least a 1500kb packet if not more.
0
 
LVL 3

Accepted Solution

by:
tismetoo earned 500 total points
ID: 22650430
Can you post the exact DNS error. Also when you are trying to connect to the domain, are you trying to resolve the Netbios name ie DOMAIN or the DNS name ie domain.local? Try to connect to the domain using the FQDN - domain.local as specified on the DNS server on your DC.

You also need other ports open between the 2 sites, other than DNS. Do you have policies blocking ports between the sites or is it an open link, allowing any traffic?
0
 

Author Comment

by:ssardella
ID: 22655262
I made it :)

I was just very tired and had not noticed that the firewall at the other end was blocking DNS requests...sorry guys...anyhow thanks for the help!
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OpenVPN is a great open source VPN server that is capable of providing quick and easy VPN access to your network on the cheap.  By default the software is configured to allow open access to your network.  But what if you want to restrict users to on…
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question