I have slight problem on my VPN, which hopefully some of you can help me with. First of all, May I thank you for taking the time to read this. This is going to be quite long.
We have a 3 site VPN over ADSL using Cisco PIX501 Firewalls and those God awful BT DSL Routers. All 3 sites have their own NT4.0 PDC with NT/9x/Apple Mac clients. The IP Address deails of all LAN's is as follows:
Site 1
Internal IP Range = 192.168.0.1 - 192.168.0.254
Internet Subnet = 255.255.255.0
IP Gateway = 192.168.0.254 (PIX 501 Firewall)
WINS/PDC = 192.168.0.1
Site 2
Internal IP Range = 192.168.1.1 - 192.168.1.254
Internal Subnet = 255.255.255.0
IP Gateway = 192.168.1.254 (PIX 501 Firewall)
WINS/PDC = 192.168.1.1
Site 3
Internal IP Range = 192.168.2.1 - 192.168.2.254
Internal Subnet = 255.255.255.0
IP Gateway = 192.168.2.254 (PIX 501 Firewall)
WINS/PDC = 192.168.2.1
I'm obviously not going to dish out the External IP's of the BT DSL Routers!
In order for all 3 sites to be able to communicate with each other over SMB I have enabled WINS server on the Primary Domain Controllers. All 3 WINS servers replicate their databases with each other which works a treat. Now, when you go into network neighborhood from any Windows machines on any site you can see the LAN in which the machine is resident and also the other two LANs.File sharing between all 3 sites does work! This is fine up a point!
We have noticed that every couple of weeks Windows 9x clients machines cannot log on to their respective domains. If you log in as either a normal domain user or an Administrator then the SMB Client cannot find the Domain controller. You can ping all machines on all networks if you don't log into the domain. We do not have this problem with the NT4.0/2000 client machines on any of the 3 sites.
The only way to get around this problem in the short term is to go into all 3 WINS databses and remove the mappings for all Windows 9x machines. Then, after restarting all 3 WINS databases I can log on to the PDC in the respetive domain (and then view the other two domains within the VPN) from the 9x machines.
Why does this only happen with Windows 9x clients and not NT/2000 clients? Any help would be appreciated, and thank you for reading.
We have a 3 site VPN over ADSL using Cisco PIX501 Firewalls and those God awful BT DSL Routers. All 3 sites have their own NT4.0 PDC with NT/9x/Apple Mac clients. The IP Address deails of all LAN's is as follows:
Site 1
Internal IP Range = 192.168.0.1 - 192.168.0.254
Internet Subnet = 255.255.255.0
IP Gateway = 192.168.0.254 (PIX 501 Firewall)
WINS/PDC = 192.168.0.1
Site 2
Internal IP Range = 192.168.1.1 - 192.168.1.254
Internal Subnet = 255.255.255.0
IP Gateway = 192.168.1.254 (PIX 501 Firewall)
WINS/PDC = 192.168.1.1
Site 3
Internal IP Range = 192.168.2.1 - 192.168.2.254
Internal Subnet = 255.255.255.0
IP Gateway = 192.168.2.254 (PIX 501 Firewall)
WINS/PDC = 192.168.2.1
I'm obviously not going to dish out the External IP's of the BT DSL Routers!
In order for all 3 sites to be able to communicate with each other over SMB I have enabled WINS server on the Primary Domain Controllers. All 3 WINS servers replicate their databases with each other which works a treat. Now, when you go into network neighborhood from any Windows machines on any site you can see the LAN in which the machine is resident and also the other two LANs.File sharing between all 3 sites does work! This is fine up a point!
We have noticed that every couple of weeks Windows 9x clients machines cannot log on to their respective domains. If you log in as either a normal domain user or an Administrator then the SMB Client cannot find the Domain controller. You can ping all machines on all networks if you don't log into the domain. We do not have this problem with the NT4.0/2000 client machines on any of the 3 sites.
The only way to get around this problem in the short term is to go into all 3 WINS databses and remove the mappings for all Windows 9x machines. Then, after restarting all 3 WINS databases I can log on to the PDC in the respetive domain (and then view the other two domains within the VPN) from the 9x machines.
Why does this only happen with Windows 9x clients and not NT/2000 clients? Any help would be appreciated, and thank you for reading.