Re: Trust over NAT

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

Hi

I changed DNS so I have a new primary forward zone with the external domain
name
I added a record for the domain name
I can ping the domain name and it uses the NAT address and replies back no
problem.


NAT address should be public not internal....
You added a record for the domain name? What record?
Is the Public address replying to you?

If you use nslookup domain.com
What address is listed?

Please give more inf about your both domain configuration.

domain1.com, domain2.com, ip address, Dns configuration, etc.




--
Best Regards
Systems Administrator
MCSA + Exchange



"John M" <sdkfj@xxxxxxxxxxxxx> wrote in message
news:eQJCeD%23ZGHA.3684@xxxxxxxxxxxxxxxxxxxxxxx
I changed DNS so I have a new primary forward zone with the external domain
name
I added a record for the domain name
I can ping the domain name and it uses the NAT address and replies back no
problem.


"Jmnts" <jmnts@xxxxxxxxxxx> wrote in message
news:%23NhCc29ZGHA.1352@xxxxxxxxxxxxxxxxxxxxxxx
Hi
- This will never work. I must use the real Dns IPAdddress, the servers
must able to reach eachother Dns.
- Of course if you have both forests in same Subnet Address the requests
won't leave the local Subnet. So the forests must be connected to the
same switch/Hub or must be in different subnets in order to the router
forward the requests.
- Your NAT device is responding to ICMP requests?? (Enable FW on the NAT
device)


--
Best Regards
Systems Administrator
MCSA + Exchange



"John M" <sdkfj@xxxxxxxxxxxxx> wrote in message
news:u6Wyzi6ZGHA.504@xxxxxxxxxxxxxxxxxxxxxxx
I'm trying to setup a trust between two separate forests over a VPN
connection. There is conflicts with the private address being used at
each site, so were using NAT to change the private address to something
we can both use.
I added the external domain name to my DNS forwarder list with the NAT
ip address. Problem is that if I try to ping the external domain it
comes back with the real ip address and not the NAT address. So when
setup the trust and put in the external domain name it fails.

anyone have any ideas for me?
thanks
John







.

Relevant Pages

  • Re: Trust over NAT
    ... In my DNS I put a forward lookup zone for ... I can ping domain2.com and it replies with 10.202.13.1 ... NAT address should be public not internal.... ...
    (microsoft.public.win2000.active_directory)
  • Re: Trust over NAT
    ... I can ping domain2.com and it replies with 10.202.13.1 ... I can ping the domain name and it uses the NAT address and replies back ... NAT address should be public not internal.... ... domain1.com, domain2.com, ip address, Dns configuration, etc. ...
    (microsoft.public.win2000.active_directory)
  • Re: Internet Sharing through NAT
    ... In that case you probably haven't configured NAT correctly. ... > Sorry Bill, maybe i didn't explain clearly, I can ping the ip address ... >> Set the DNS on your server to forward to a public DNS service. ...
    (microsoft.public.win2000.ras_routing)
  • Re: NAT is not a mechanism for securing a network.. but.. HELP!
    ... > Linksys NAT router at the time and the machines behind the router ... > responded to the ping test. ... > Not once did the Linksys NAT router in its syslog using Wallwatcher ... "if the firewall responds to pings, there is an easy path for hackers into the network" ...
    (comp.security.firewalls)
  • Re: NAT is not a mechanism for securing a network.. but.. HELP!
    ... For years I have heard people claim that NAT could be ... > They debunk the myth that a NAT router provides as strong security as ... I went to a site that did ping testing with the ... I see the WG responding to the in the WatchGuard syslog by using ...
    (comp.security.firewalls)