troubleshooting Question

Authentication shows incorrect ip address in Event viewer

Avatar of matedwards
matedwardsFlag for United Kingdom of Great Britain and Northern Ireland asked on
SophosWindows OSWindows Server 2012* kerberos
10 Comments1 Solution184 ViewsLast Modified:
We have a Windows 2012 R2 domain with 2 domain controllers. Users authenticate to the domain with no problems.

We have 2 subnets
LAN: 192.168.0.0/24
WLAN: 192.168.4.0/24

The WLAN traffic is routed through our Sophos XG230 Firewall/Router 192.168.0.1

Any user authenticating against one of the domain controllers (from the WLAN) shows  the ip address of the Firewall/Router, not its correct ip address of hte host they are on.

I can see this in the kerberos TGT in Event Viewer 4768.

This is only happening on 1 of the domain controllers.

Any ideas on how troubleshoot would be greatly appreciated.
ASKER CERTIFIED SOLUTION
Dirk Kotte
SE

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 1 Answer and 10 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 10 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros