Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Login to Windows Domain Cisco VPN

Status
Not open for further replies.

Ztrek7

IS-IT--Management
Joined
Mar 12, 2004
Messages
100
Location
US
Scenario:

Offsite Location with Windows XP Pro SP2, Cisco VPN Client, trying to logon to a Windows domain. The VPN connects prior to login successfully, but when logging in, we get the Domain XXXX not available.

If login to local machine instead of domain, we can ping domain controller and domain controller can ping client. We can ping DC using FQDN from client. We can browse to network resource on windows server \\server\share, and it prompts for username and pass, and grants or denies correctly.

We just cannot get machine to find the domain prior to logging in.

Some info:

The machine was joined to the domain PRIOR to being put in offsite location, don't know if that is an issue or not.

I tried putting an entry into the lmhosts file in format:

192.168.90.### xxxx #PRE #DOM:xxx

The x's and #'s represent the exact number of spaces of names and numbers, not sure, but I think I remember that their is some kind of character limit, not sure though. That is the info above of the DC.

Anyway, the lmhosts thing did not work.

The client PC is NOT on the same subnet as 192.168.90.0, it is on 172.32.1.0.

I am completely stumped. ANY advice about what to check or try would be extremely welcomed!

Thanks,
 
I would make sure the DNS is setup right, make sure the DNS suffix are correct and then bump the machine to a work group and readd to domain. Make sure if you login via the local machine go in to DOS and run NSlookup to make sure the DNS server is found. DNS is the Key to AD....


Please let me know how it go's
 
Kerberos Port 88 udp/tcp probably needs to be made available for traffic.

AD uses Kerberos for authentication.

 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top