Domain Logins with Multiple IP Segments ???

[Ryman]

OK... Here's the deal.

I have a network with 2 VLANS and have trouble getting the clients in VLAN2 to join the domain... which is in VLAN1...

I have included the details below. HELP!!

I have a retail store with a Cisco 1760 router (ip- 10.9.1.254) handling WAN connectivity. I have a Cisco 2950 switch with 2 VLANS. VLAN1 is 10.9.1.x with a 10.9.1.254 gateway. VLAN2 is 10.9.2.x with a 10.9.2.254 gateway.

I have a LAN setup with a WIN 2003 Server running as a file server etc. It is an AD/DNS server. I am using all static IP's on the clients.

I am not doing anything fancy on the AD/DNS server. The ip of the server is 10.9.1.252.
The network card settings are as follows.
IP-10.9.1.252/255.255.255.0

Gateway-10.9.1.254 (Ip of router)

DNS-10.9.1.252 then the 2 public DNS we use - 206.141.192.55 etc.

The DNS server is not setup to do anything special. Maybe it should be.

Now... my clients in the 10.9.1.x ip range can join the domain no problem.

Client settings are as follows

VLAN1 client (joins domain just fine)
IP-10.9.1.1 / 255.255.255.0
GAteway-10.9.1.254
DNS-10.9.1.252 and then my 2 public ips in the secondary DNS spaces

VLAN2 Client
IP-10.9.2.1 / 255.255.255.0
GAteway-10.9.2.254
DNS-10.9.1.252 and then my 2 public ips in the secondary DNS spaces


BUT... I can't get the clients in the 10.9.2.x range to join the domain. They can't find the domain controller. I need to be able to have clients in both ip segemnts able to join the domain. DO I have a Gateway problem in my server configs? Or do I have a DNS issue?

If anyone can help... I would be very grateful!! I am frustrated with this thing.

Thanks a Million.

If you need more details let me know

 

[Serbtastic]

What is at the gateway address 10.9.2.254?

 

[Ryman]

Serbtastic...

10.9.2.254 is the gateway for VLAN2. My Cisco switch and router are set-up to use the 10.9.2.254 sub interface on the router as the gateway for VLAN2. I don't have this gateway entered on the server network card anywhere, as like a secondary gateway though..


ANy thoughts?

 

[NetIntruder]

can you ping the inside DNS server from VLAN2? It sure sounds like a connectivity issue at a glance...

~Intruder~
CEH, MCSA/MCSE 2000/2003

"The Less You Do, The Less Can Go Wrong"

 

[Ryman]

I can ping the server from a VLAN2 machine. I just can't get it to join the Domain. I receive an error message that the Domain Controller can not be contacted. Do I need any special entries to allow a Pc on a seperate ip segment to join a Windows Doamin?

I can get the 10.9.1.1 PC to join the windows domain just fine.

BUT... the 10.9.2.1 Pc can't find the domain controller.

Any ideas why the 10.9.2.1 can't see the DC

 

[GlenJohnson]

Just for jollies, take a machine with the 10.9.2.x range, put a host file on it with the server and see if it will join the domain.

Glen A. Johnson
If you're from the Illinois, Wisconsin or Florida area, check out Tek-Tips in Chicago IL
To get the best answers to your questions, check out faq950-5848