W2K...Can't find the other Domain to make a 2 way Trust

Status
Not open for further replies.

mcr123

Technical User
Aug 14, 2002
65
US
I'm trying to set up a 2-way trust between my domain and my friend's domain. We both are using routers with a VPN tunnel connected to both domains. The problem is when I go to set up the trust in the W2K server it tells me that the domain can't be found. Do I need to create anything in DNS or anything on my end for my server to see the other domain? All I know is that when I do a ping on the other domain I am trying to set up I get the external IP address and not the local IP address that I would receive for any other computer on my friend's domain since we have the tunnel set up. We both can ping each other's internal IP addresses so it's not like I can't see his server since I can ping it by the local IP address of the server node. So my question is what am I missing here?
 
I had some trouble with domain trusts.
In order to get it working I had to point my DC to the other domain's DNS server.
 
You must also verify, if the two domains are separated by a router, that the correct ports are open to establish a trust. Various ports need two-way traffic going through them to be able to communicate over the secure channels to establish trust relationships between domains. If you need the ports, let me know.
 
I don't think it's an issue with the ports on my router since I'm on a Cisco 4000, but I do believe it is a DNS issue either on my end and/or the other domain.
 
I need the port #'s for the router. Does anyone have them?
 
We are using IGRP with a tunnel set up in the routers. I need to know what UDP/TCP ports I need to set up, what I need to add in DNS because I'm now confused, and also what else I need to add. I also need to know, when I ping my friend's domain name, should I be pinging the global IP address or his internal IP address? The same for his domain controller. Maybe someone can walk me through it over the phone. Let me know.

Thanks
 
A VPN tunnel will make your friend's network and your network behave as if they were in a company LAN. Once the connection is established you don't have to use the ISP address of the other side at all.
Once you have the VPN tunnel created, I'm wondering why you need to open some special ports? The connection through the VPN should be as transparent as possible, since that channel is already secure.
So... I don't see the ports issue here. IGRP is not a VPN protocol; it is a network (IP) protocol for managing the relations between routers (that's the simplest definition).
Once you have the VPN connection running, treat your network configuration as if you were in a company LAN (more networks, separated by routers).
DNS. The best way:
Create secondary DNS zones, distributed between your DNS servers. Keep in mind that for networkA to access resources from networkB it needs proper IP name resolution. There should then be some links between the DNS servers = creating secondary zones hosted on the other DNS servers.

Gia Betiu
gia@almondeyes.net
Computer Eng. CNE 4, CNE 5, MCSE Win2K
new: (just started)
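
The name-resolution symptom discussed in this thread (the remote domain name answering with an external address instead of one reachable through the tunnel), as an added example that is not part of the original posts: a Python check that classifies how the remote domain and its domain controller resolve from the local side. The host names, the subnet and the addresses are constructed placeholders, and the function names are hypothetical.

```python
import ipaddress
import socket


def resolve_ipv4(name):
    """Return the IPv4 addresses the local resolver gives for `name`."""
    try:
        infos = socket.getaddrinfo(name, None, socket.AF_INET)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})


def classify(addrs, tunnel_nets):
    """'unresolved', 'internal' (all inside the tunnel nets) or 'external'."""
    if not addrs:
        return "unresolved"
    nets = [ipaddress.ip_network(n) for n in tunnel_nets]
    inside = [any(ipaddress.ip_address(a) in n for n in nets) for a in addrs]
    return "internal" if all(inside) else "external"


def check_remote_domain(names, tunnel_nets, resolve=resolve_ipv4):
    """Map each name to (classification, addresses) as seen from this side."""
    report = {}
    for name in names:
        addrs = resolve(name)
        report[name] = (classify(addrs, tunnel_nets), addrs)
    return report


# Constructed sample data: what a resolver pointed at public DNS might return
# versus one pointed at the remote domain's internal DNS server.
PUBLIC_VIEW = {"friend.example.test": ["203.0.113.10"]}
INTERNAL_VIEW = {
    "friend.example.test": ["192.168.20.5"],
    "dc1.friend.example.test": ["192.168.20.5"],
}
NAMES = ["friend.example.test", "dc1.friend.example.test"]
REMOTE_LAN = ["192.168.20.0/24"]  # assumed subnet behind the far end of the tunnel

if __name__ == "__main__":
    for label, view in (("public DNS", PUBLIC_VIEW), ("remote internal DNS", INTERNAL_VIEW)):
        print(label)
        for name, (state, addrs) in check_remote_domain(
                NAMES, REMOTE_LAN, lambda n: view.get(n, [])).items():
            print(f"  {name}: {state} {addrs}")
```

Calling `check_remote_domain` without the third argument uses the machine's own resolver, so the result reflects whichever DNS server the host is actually configured to query.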
 
I have IGRP running between the routers, and I also have the tunnels created using ipip as the tunnel source.
 