[windows2000] Re: Network Help

  • From: "Sullivan, Glenn" <GSullivan@xxxxxxxxxxxxxx>
  • To: "'windows2000@xxxxxxxxxxxxx'" <windows2000@xxxxxxxxxxxxx>
  • Date: Fri, 7 Nov 2003 09:28:23 -0500

I guess what I meant was, do the client computers in the other subnet use
the local machine as a DNS server, or do they do DNS over the link, or are
they set up with ISP DNS entries.
 
The second DC should point to itself for DNS... every DC that is also a DNS
server (which, assuming AD integrated DNS zones, should be every DC, IMNSHO)
should point to itself.
 
But I guess I would also make the second DC a GC as well.  No sense having a
DC in the remote site if the clients are going to have to traverse the link
to get to the GC to log in (which, as you found out, is necessary to log in).
 
Does the VPN traffic get filtered at all?  Probably a tough question to
answer, since you aren't the firewall admin...  Does the VPN go through the
firewall or around it?
 

Glenn Sullivan, MCSE+I  MCDBA
David Clark Company Inc. 

-----Original Message-----
From: Rick Fogarty [mailto:rick@xxxxxxxxxxxxx]
Sent: Friday, November 07, 2003 9:11 AM
To: windows2000@xxxxxxxxxxxxx
Subject: [windows2000] Re: Network Help


No problem Glenn... It seems a bit odd that things don't work as expected,
but I'm really not sure if the Network Admin has things set up correctly at
the firewall level.
 
Connectivity does work both ways.  I can ping devices from either side of
the network.
 
DNS was a bit tricky... I wasn't sure how to work this one... I set up the
sat account (first) pointing back to the original DC - however, considering
the network issues, it didn't work.  So, I then changed it and set it up to
point to itself.  
 
Make sense?  Although, I didn't know one could set up a DNS server to serve
only one subnet (he says while searching MS' site)

Thanks,
Rick

-----Original Message-----
From: windows2000-bounce@xxxxxxxxxxxxx
[mailto:windows2000-bounce@xxxxxxxxxxxxx] On Behalf Of Sullivan, Glenn
Sent: Friday, November 07, 2003 8:59 AM
To: 'windows2000@xxxxxxxxxxxxx'
Subject: [windows2000] Re: Network Help


You mention that you have connectivity to them.  Does it work the other way?
 
How is the DNS set up when you add that other DC?  Is it the DNS for that
subnet?  If so, is it synched with your main DNS, so it can find the GC?
 
Shooting from the hip, of course...
 

Glenn Sullivan, MCSE+I  MCDBA
David Clark Company Inc. 

-----Original Message-----
From: Rick Fogarty [mailto:rick@xxxxxxxxxxxxx]
Sent: Friday, November 07, 2003 8:41 AM
To: W2K
Subject: [windows2000] Network Help


This is more a theory question, but I'm hoping someone will jump on board to
help me out....
 
Here is the way our network is set up, perhaps you can tell me why things
aren't working as expected.
 
On our main campus in my county, we have a T1 that is provided by the state.
That's pushed to three separate subnets - two private (172.16.12 &
172.16.20) and one public address (198.85.71.x).  Each of these subnets has
many computers that we need to manage.  I've created a new W2k3 AD domain
and at present only have one DC - all the roles reside on it.  DNS, DHCP and
WINS are set up and running flawlessly - at least for now....
 
The DC (Zeus) has a network card per subnet that allows each subnet to log in
and get network resources.  This appears to be working fine.  I've set up a
site for each subnet and logins and name service requests work well.
 
Now, the strange part -  We have a satellite site that has a commercial
cable modem setup providing access to 150 computers.  Each site, ours and
theirs, is set up with a WatchGuard Firebox 2500.  The two sites are linked
with an encrypted VPN.  So, I can sit at my desk and tracert to a machine
over there and it traverses exactly as expected.  However, when I place a DC
over there so they can log in to our domain, it can't find the global
catalog.
 
To me, it seems that not all traffic is passing through the firewall.  Does
that sound right?  Is there a better setup for something like this?

Thanks,
Rick
==========================================================================
Rick Fogarty
Coordinator, Technical Support and Computer Servicing
Sandhills Community College
3395 Airport Rd
Pinehurst, NC 28374
1(910) 695-3943
Fax 1(910)695-1823
rick@xxxxxxxxxxxxx <mailto:rick@xxxxxxxxxxxxx> 
http://www.sandhills.edu <http://www.sandhills.edu/> 
==========================================================================
 
