Cant logon to domain over site-to-site vpn

Posted by 3molo on Server Fault See other posts from Server Fault or by 3molo
Published on 2011-01-05T09:32:22Z Indexed on 2011/01/05 9:55 UTC
Read the original article Hit count: 458

Filed under:

windows-domain

|

site-to-site-vpn

Tied together branch office with main office over two Cisco ASAs. The (internal) networks on either side can communicate with the other. I can ping, use the DC's DNS service and even join a domain on a new client. I can't however logon, I get the "domain controller is not available" error message on client. I find nothing peculiar in DC's event logs.

Sicne it's site-to-site (with ping), it's always up so it should work. No firewall rules (except allow any any) between the two networks (of either side).

Main site internal net: 10.10.10.0/24 Branch office net: 10.180.3.0/24

Am I overlooking something here? Where should I start investigating this?d

© Server Fault or respective owner

Related posts about windows-domain

Cancel Windows Domain Membership durin Suse installation

as seen on Super User - Search for 'Super User'
Hi, I am installing SUSE 11.2, and went with the default options, now it reached the point of "Windows Domain Membership". At job I do not remember the right names, so I tried some but I get an error message which says "cannot use the group "WORKGROUP" for Linux authentication", etc. So I would… >>> More
Cancel Windows Domain Membership durin Suse installation

as seen on Server Fault - Search for 'Server Fault'
0 vote down star Hi, I am installing SUSE 11.2, and went with the default options, now it reached the point of "Windows Domain Membership". At job I do not remember the right names, so I tried some but I get an error message which says "cannot use the group "WORKGROUP" for Linux authentication"… >>> More
Windows Domain Controller: Create a test environment from a production environment

as seen on Server Fault - Search for 'Server Fault'
I need to create a working test environment of a domain we have. I need to have all the data from the production environment in the test environment. What is the best way to go about doing this? Here are some ideas I have but I am not sure if there is a better/recommended way of doing this. Use… >>> More
Why is the DNS on my Windows Server 2012 not authoritative according to dig?

as seen on Server Fault - Search for 'Server Fault'
This is me trying to understand something rather than a real problem. I have a new Windows Server 2012 Essentials. That server provides, DNS, DHCP etc. Lets say my Windows domain is my-windows-domain and the server's host name is my-server. The domain's DNS zone is my-windows-domain.local. The server's… >>> More
Granting rights to Windows domain Users in Ubuntu?

as seen on Stack Overflow - Search for 'Stack Overflow'
I've connected an Ubuntu 9.10 server to my Windows domain with Likewise Open. I am able to log into the server with my domain account (as DOMAIN\user), but my administrative rights don't carry over. How can I grant admin rights to domain user accounts? >>> More

Related posts about site-to-site-vpn

Router for creating site to site VPN to server provider using Cisco ASA 5540

as seen on Server Fault - Search for 'Server Fault'
We have dedicated servers hosted for us by a third party, we connect to these over a VPN. My server provider uses Cisco ASA 5540 as VPN devices. Currently we're using software clients on individual machines to connect to this VPN, either: Cisco VPN Client Shrew Soft VPN Connect However, I'm looking… >>> More
Site-to-site VPN using MD5 instead of SHA and getting regular disconnection

as seen on Server Fault - Search for 'Server Fault'
We are experiencing some strange behavior with a site-to-site IPsec VPN that goes down about every week for 30 minutes (Iam told 30 minutes exactly). I don't have access to the logs, so it's difficult to troubleshoot. What is also strange is that the two VPN devices are set to use SHA hash algorithm… >>> More
Site to Site VPN with Rails

as seen on Stack Overflow - Search for 'Stack Overflow'
First of I'm very sorry but this questions is not so so specific. All I am looking for is a tutorial or a resource for creating a site-to-site VPN. Actually, I not even sure if that is what I should call it. I live in China and I want to access youtube and stuff. And I don't want to buy a proxy service… >>> More
Cisco: Site-to-site VPN with cisco 878 and ASA weirdness

as seen on Server Fault - Search for 'Server Fault'
I currently have 2 sites, both connected to each other through 2 firewalls / routers in a site-to-site VPN. Pinging from server to server (Using 2mb/2mb SDSL) through that VPN obviously works, however, at one site, we have another internet connection (7m/400k ADSL), and only the link between the two… >>> More
Site to Site VPN with Fault Tolerence

as seen on Server Fault - Search for 'Server Fault'
Hello, I have a situation where I require an IPSEC tunnel between two sites. Site 2 is a small branch office with basic (ADSL) connectivity and Site 1 is the "main" office with SDSL and ADSL for redundancy should the SDSL fail. From Site 1, all traffic bound for the 172.0.0.0 network will then be… >>> More