Network Topology and Domain Authentication

Status
Not open for further replies.

jdonalds

Jan 9, 2004

Two domains A and B (separate forests) connected by non-transitive trust via VPN tunnel. Domain A has a main site and three remote sites. The three remote sites are connected to the main site via Cisco PIXes. Each remote site pulls its addressing (DHCP and DNS) from a domain controller at the main site. Domain B has a main site and one remote site. From each main site we can authenticate to each domain from both sides of the tunnel.

Finally the issue... from the remote sites of domain A we cannot authenticate to domain B, though it's pulling a valid IP address from the main site for domain A. Each remote site has its own subnet of IP addresses that get assigned. Any suggestions would be appreciated.

Thanks,
Jeremy
 
Hi,

Does the Domain B remote site also connect to Domain B through a Cisco PIX? If so, is it possible to authenticate from the remote site of Domain B to a DC in Domain A?
As a first approach, I think it's necessary to enable logging on the PIX firewalls in the remote sites of Domain A, then try to authenticate from that remote site to a DC in Domain B. Examine the PIX logs. I think the problem is that the PIX does not allow some traffic.



Victor K
MCSE+I;MCSE(w2k);CNE(5.1);CNE(6);CIWSP;CIWSA;Net+;CCNA;CCSE+
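One way to carry out the log review suggested above, as an added example that is not part of the original thread: a Python filter that reads PIX syslog deny messages and reports denied packets headed for a domain controller on ports used for Windows domain logon. It assumes the PIX emits message 106023 (deny by access-group) in the standard text form; the addresses, ACL name, log lines and port list are constructed for illustration and do not come from the posters.

```python
import re
from collections import Counter

# Well-known ports a Windows client uses to reach a domain controller at logon
# (assumption of this example; the thread itself names no ports).
AD_PORTS = {
    53: "DNS", 88: "Kerberos", 135: "RPC endpoint mapper", 137: "NetBIOS name",
    138: "NetBIOS datagram", 139: "NetBIOS session", 389: "LDAP",
    445: "SMB", 464: "Kerberos kpasswd", 3268: "Global Catalog",
}

# PIX syslog 106023: packet denied by an ACL applied with access-group.
DENY_RE = re.compile(
    r"%PIX-\d-106023: Deny (?P<proto>\w+) "
    r"src (?P<sif>[^:\s]+):(?P<src>[\d.]+)/(?P<sport>\d+) "
    r"dst (?P<dif>[^:\s]+):(?P<dst>[\d.]+)/(?P<dport>\d+)"
)

# Constructed sample log: remote-site client 10.10.2.25, Domain B DC 10.20.0.10.
SAMPLE_LOG = """\
Jan 12 10:01:03 pix %PIX-4-106023: Deny udp src inside:10.10.2.25/1047 dst outside:10.20.0.10/88 by access-group "inside_access_in"
Jan 12 10:01:04 pix %PIX-4-106023: Deny tcp src inside:10.10.2.25/1050 dst outside:10.20.0.10/389 by access-group "inside_access_in"
Jan 12 10:01:07 pix %PIX-4-106023: Deny tcp src inside:10.10.2.25/1051 dst outside:10.20.0.10/389 by access-group "inside_access_in"
Jan 12 10:01:09 pix %PIX-4-106023: Deny tcp src inside:10.10.2.25/1052 dst outside:10.20.0.10/445 by access-group "inside_access_in"
Jan 12 10:01:11 pix %PIX-4-106023: Deny tcp src inside:10.10.2.25/1053 dst outside:10.20.0.10/8080 by access-group "inside_access_in"
Jan 12 10:01:12 pix %PIX-4-106023: Deny tcp src inside:10.10.2.31/1100 dst outside:198.51.100.7/445 by access-group "inside_access_in"
Jan 12 10:01:15 pix %PIX-6-302013: Built outbound TCP connection 412 for outside:10.20.0.10/53 (10.20.0.10/53) to inside:10.10.2.25/1054 (10.10.2.25/1054)
"""

def blocked_auth_traffic(log_text, dc_addrs):
    """Count ACL denies whose destination is a listed DC on a logon-related port."""
    hits = Counter()
    for line in log_text.splitlines():
        m = DENY_RE.search(line)
        if not m or m["dst"] not in dc_addrs:
            continue  # not a 106023 deny, or not aimed at a domain controller
        port = int(m["dport"])
        if port in AD_PORTS:
            hits[(m["src"], m["dst"], m["proto"], port, AD_PORTS[port])] += 1
    return hits

if __name__ == "__main__":
    found = blocked_auth_traffic(SAMPLE_LOG, {"10.20.0.10"})
    for (src, dst, proto, port, name), n in sorted(found.items()):
        print(f"{src} -> {dst} {proto}/{port} ({name}) denied {n}x")
```

Any row in the output names a protocol the remote-site PIX is dropping on the way to the other domain's DC, which is the rule to review in the ACL or tunnel definition.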
 
No, the remote site for Domain B connects to the main site of Domain B via Nortel equipment. The VPN tunnel that ensures a domain trust between domain A and B is configured between a Nortel box and a Cisco PIX at each main site. I have the same issue with machines at the remote site on domain B not authenticating to the domain, but since they are using XP they are able to log in and then access resources at the main site in domain B via the VPN tunnel. I know I'm making this difficult; let me draw the image this way:

Domain A
1 Main Site - Cisco PIX
3 Remote Sites - Each has a Cisco PIX and tunnels back to the main site.

Domain B
1 main site - Nortel Contivity
1 remote site - Nortel Contivity tunnel back to main site.

There is a VPN tunnel between main site A and main site B. There is a domain trust set up. From each main site, using XP or Windows 2000, I can authenticate from each side to the opposite domain. However, from the remote sites of either domain I cannot.

Regarding PIX not allowing some traffic, this could be. I will look into that. Thanks.
 