• Status: Solved

Unable to Join Domain over VPN

I have Cisco ASAs in 2 locations. I set up VPN access so they can talk to each other. I am able to ping across both networks using IP and FQDN without issue.

When I try to join a PC to the domain on the remote network, I get the password box asking me to authenticate. I put in my credentials and hit OK.

After about 3 minutes I get this error.

Unable to join specified domain, the network name is no longer available.

Any ideas?
0
Asked: Matthew Galiano
1 Solution
 
lords1979Commented:
Ensure that on the group policy on the ASA for the VPN you have inherit DNS checked. This should allow for name server access, which it sounds like is missing.
0
 
lords1979Commented:
If you do not have a NetBIOS server listed in the tunnel group, this could be the problem as well.
0
 
ddiazpCommented:
When you type in your credentials, are you putting <domain>\<username>?

On the PC you're trying to add, open the command line and enter:

nslookup
set type=srv
<domain>
(make sure the results match your domain settings)
set type=ns
<domain>
(make sure the nameservers for your domain appear)
set type=a
<enter each one of the results for the ns query>
(make sure you can ping these guys)
0
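The lookups ddiazp describes, extended with TCP reachability checks, as an added PowerShell example that is not part of the original thread. It queries the DC locator record `_ldap._tcp.dc._msdcs.<domain>`, then tests each domain controller on a port list that is an assumption about what a domain join commonly needs; `corp.example.com` is a constructed placeholder. A successful ping across the tunnel does not show that these TCP services are permitted through it.

```powershell
# Added example, not from the thread. Run on the PC that fails to join.
# 'corp.example.com' is a constructed placeholder for the AD DNS domain name.
param([string]$Domain = 'corp.example.com')

# Assumption: TCP services a domain join commonly depends on.
$ports = [ordered]@{ DNS = 53; Kerberos = 88; RPC = 135; LDAP = 389; SMB = 445 }

# DC locator SRV record for the domain.
$srvName = "_ldap._tcp.dc._msdcs.$Domain"
try {
    $srv = Resolve-DnsName -Name $srvName -Type SRV -ErrorAction Stop |
        Where-Object { $_.Type -eq 'SRV' }
} catch {
    Write-Warning "SRV lookup for $srvName failed: $($_.Exception.Message)"
    return
}
if (-not $srv) {
    Write-Warning "No SRV records returned for $srvName"
    return
}

# Name servers for the zone, as in the 'set type=ns' step.
$ns = Resolve-DnsName -Name $Domain -Type NS -ErrorAction SilentlyContinue |
    Where-Object { $_.Type -eq 'NS' } | Select-Object -ExpandProperty NameHost
Write-Host "Name servers: $($ns -join ', ')"

# For every DC the SRV records name: resolve it, then test each TCP port.
$results = foreach ($dc in ($srv.NameTarget | Sort-Object -Unique)) {
    $addr = (Resolve-DnsName -Name $dc -Type A -ErrorAction SilentlyContinue |
        Where-Object { $_.Type -eq 'A' } | Select-Object -First 1).IPAddress
    foreach ($svc in $ports.GetEnumerator()) {
        $ok = $false
        if ($addr) {
            $ok = (Test-NetConnection -ComputerName $addr -Port $svc.Value `
                -WarningAction SilentlyContinue).TcpTestSucceeded
        }
        [pscustomobject]@{
            DomainController = $dc
            Address          = $addr
            Service          = $svc.Key
            Port             = $svc.Value
            Reachable        = $ok
        }
    }
}
$results | Format-Table -AutoSize
```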
 
Matthew GalianoCTOAuthor Commented:
I get the password box that prompts me to authenticate, and I use domain\username but I get the same error.

Do you think something is missing from the config?
0
 
lords1979Commented:
Please check the two things I named above using ASDM on the ASA.
0
 
Matthew GalianoCTOAuthor Commented:
The remote ASA or the one where my domain controller is located?
0
 
lords1979Commented:
The one where the domain controller is located that you are connecting to.
0
 
Matthew GalianoCTOAuthor Commented:
I don't see where either of those are listed in ASDM on the DC. I checked remote access VPN and site-to-site VPN.
0
 
lords1979Commented:
What type of VPN do you have set up? SSL, IPsec, etc.
0
 
Matthew GalianoCTOAuthor Commented:
IPSEC
0
 
lords1979Commented:
If you go to the Configuration tab, click Remote Access VPN in the left pane. Under Network Client Access, there is an option for group policies. Select the group policy that pertains to your VPN and click Edit. On the left pane there is a server option. Ensure your DNS server is listed.
0
 
Matthew GalianoCTOAuthor Commented:
Yes I already had it listed by IP.
0
 
Matthew GalianoCTOAuthor Commented:
Any other ideas?

DNS is already pointing correctly; when I ping the FQDN from the remote machine I get a reply back from the IP of my DC.

It just won't join.
0
 
Matthew GalianoCTOAuthor Commented:
I figured it out. For some reason it was looking for the NetBIOS name within the credentials when I was joining the domain.
0
 
Matthew GalianoCTOAuthor Commented:
Figured it out myself.
0
Question has a verified solution.
