We have three domain controllers on our network. The PDC is at location 1 ("Server 1"), and two BDCs are at location 2 (one of them is brand new - "Server 2a" - and will be taking over all duties from the older server - "Server 2b"). All machines on both LANs use internal addresses (10.x.x.x), and have static and/or PAT addresses on our firewall for Internet access.
Location 1 and 2 are separated by the Internet (to which they connect with T1 lines), so we use Cisco PIX 515 firewalls with 3des encryption for inter-site traffic (allowing all types of non-broadcast traffic between sites). Before we purchased those newer firewalls, intersite domain controller traffic was done via the external static IPs configured on a very old PIX Classic. Once the VPN was installed, though, all intersite traffic (or so I thought) was reconfigured to use internal 10.x.x.x addresses.
Our ISP is forcing us to change our IP addresses, so we have been doing so in stages. The addresses for Server 1 and Server 2a were changed without any problems. However, once I changed the address of Server 2b, that server could no longer access the PDC for NTLM traffic. Since Server 2b still holds Location 2's Exchange mailboxes, that caused problems. However, that server had base connectivity to the PDC, and was able to ping it, connect via network shares, and handle LDAP Mail Transfers. Once I switched the address back, the problem went away.
Has anyone else had a similar problem? By the way, the servers are all running SP 6a and Exchange 5.5 SP4. Server 2a is the WINS server for Location 2. No IP addresses were changed directly on the servers.

