Strange DNS issues - Resolve by IP is ok, resolve by name is not

[gavm99]

Hi all,

I have a strange problem here. I have a remote site which is connected to the Head Office using a router VPN.

The remote site has a server which is a DC.

The remote site is using the DNS server at the Head Office (which is also a DC). I can ping the server at the Head Office by name and by IP.

However I can't access the server at Head Office by name (for example \\server) it gives me a permissions error. If I do the same by IP (for example \\192.168.1.1) it works fine!!

Overall this is an issue as it means I can't get Outlook to plug into Exchange, it keeps prompting for the password.

There is also Kerberos errors in the event log on the main server.

Please help!!!

Thanks.

 

[Grenage]

Out of curiosity, why have you not configured the server at the remote office to be a DNS server? It would cut down on some needless traffic, and the DNS servers can sych with each other.

Carlsberg don't run I.T departments, but if they did they'd probably be more fun.

 

[gavm99]

Hi,

I realise this also but it is the setup as I have walked into it. I agree that would be better, but is not the issue at the moment.

 

[lhuegele]

There could be several issues here - We need more information from you though:

- You mentioned that you had a DC at both sites. Are both sites part of the same domain or different domains?

- You mentioned that the 2 offices are connected by a "router VPN" - what exactly do you mean by this? Is it a site-to-site VPN tunnel? ARe there firewalls on both ends of this VPN connection?

 

[gavm99]

Hi,

There are both part of the same domain.

Yes it is a site to site VPN tunnel using Cisco routers.

I have found the issus, it was with Active Directory at the remote site.

I made the server at the remote site a member server, made is a DC again and then replication was sorted. This sorted the Kerberos errors I encounted and enabled all the clients to resolve machine names again.

Thanks.