Login to Windows Domain Cisco VPN

[Ztrek7]

Scenario:

Offsite Location with Windows XP Pro SP2, Cisco VPN Client, trying to logon to a Windows domain. The VPN connects prior to login successfully, but when logging in, we get the Domain XXXX not available.

If login to local machine instead of domain, we can ping domain controller and domain controller can ping client. We can ping DC using FQDN from client. We can browse to network resource on windows server \\server\share, and it prompts for username and pass, and grants or denies correctly.

We just cannot get machine to find the domain prior to logging in.

Some info:

The machine was joined to the domain PRIOR to being put in offsite location, don't know if that is an issue or not.

I tried putting an entry into the lmhosts file in format:

192.168.90.### xxxx #PRE #DOM:xxx

The x's and #'s represent the exact number of spaces of names and numbers, not sure, but I think I remember that their is some kind of character limit, not sure though. That is the info above of the DC.

Anyway, the lmhosts thing did not work.

The client PC is NOT on the same subnet as 192.168.90.0, it is on 172.32.1.0.

I am completely stumped. ANY advice about what to check or try would be extremely welcomed!

Thanks,

 

[ROUTERKID1]

I would make sure the DNS is setup right, make sure the DNS suffix are correct and then bump the machine to a work group and readd to domain. Make sure if you login via the local machine go in to DOS and run NSlookup to make sure the DNS server is found. DNS is the Key to AD....


Please let me know how it go's

 

[MTVW]

Kerberos Port 88 udp/tcp probably needs to be made available for traffic.

AD uses Kerberos for authentication.