Re: bowsing over IPSEC Tunnel

---

• From: "Herb Martin" <news@xxxxxxxxxxxxxx>
• Date: Tue, 12 Apr 2005 12:28:14 -0500

---

"Amad Malik" <AmadMalik@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:7D1B99A9-0DC6-4317-8DF8-E09B316DCDF4@xxxxxxxxxxxxxxxx
> I have just connected two sites using IPSEC over internet using CISCO PIX.
> both are different domains.

re: "different domains"

This complicates both DNS and NetBIOS resolution.

> I can connect using IPADDRESS but I need to be
> able to browse using my network places. and then I want to create a trust
> between two domains.

Both of those require NetBIOS name resolution and since
you are working across routers this pretty much means you
need a COMMON WINS Server database (as you seem to
indicate below.)

> I am using windows 2000 but soon will upgrade to windows
> 2003.

Likely irrelevant to your problem.

> Please help me.
>
> I am not expert but I think I have to use WINS.

Yes. You need WINS servers.

Probably one in each network, AND in that case they
must replicate.

Each domain's Domain Master Browser (PDC Emulator,
or PDC in NT4) must be able to use NetBIOS to find the
other Domain Master Browser.

Also note, that EVERY machine in both networks should
use the same WINS database (same WINS server or a
replicating set of WINS servers).

> CAN please also tell me a
> best way to setup DNS becouse my DNS seems to be working allright but
> nslookup command gives no result.

nslookup ALWAYS gives SOME results.
(Even if they are not what you wish.)

We cannot solve a DNS problem without the symptoms
but...

Since you have two domains, it is likely that the DNS
servers on one side of the IPSec must hold "secondary"
DNS zones for the other DNS zone (which is presumably
mainly on the other side of the IPSec routers.)

THIS is one thing that might be improved by using Win2003
DNS servers, since they includes stub zones and conditional
forwarding (which might handle the cross resolution better.)



.

---

• References:
  • bowsing over IPSEC Tunnel
    • From: Amad Malik

• Prev by Date: automatically create a drive mapping
• Next by Date: Re: My Network Places related question
• Previous by thread: bowsing over IPSEC Tunnel
• Next by thread: automatically create a drive mapping
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Help SMPT Errors ... FAIL Reverse DNS entries for MX records ERROR: The IP of one or more of your ... it may mean that your DNS servers did not respond fast enough). ... INFO NS records at parent servers Your NS records at the parent servers ... PASS Parent nameservers have your nameservers listed OK. ... (microsoft.public.exchange.admin) Re: Windows 2000 logon process ... Paul Williams ... when clients are accessing the GPO stored in SYSVOL during logon. ... PW>> Sound's like - that's a combination of DNS and Dfs client pointing ... Global Catalogue servers? ... (microsoft.public.win2000.active_directory) Re: Replication issues ... I wanted to say Zone Transfers not Zone Forwarding. ... on 2 servers out of 4 DNS servers. ... DNS and 2003 DNS and how to set up Conditional Forwarding. ... (microsoft.public.windows.server.active_directory) Re: Howto refresh IIS 6 Application pool identity credential info ... You already have 80% of the work setup (DNS Aliases and HostHeaders) on the ... domain accounts (one for each layer) should be sufficient. ... The Application Servers are load balanced clustered, ... as the account name and SPN alias is correctly defined on both nodes. ... (microsoft.public.inetserver.iis.security) Re: ad and dns setup ... domain It gave me 2 errors, no dns servers have dns records for this dc ... error no logon servers.. ... Make sure that the _msdcs zone exists and the scope is set to ... MCSE, MVP Directory Services ... (microsoft.public.windows.server.active_directory)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Win2000  > microsoft.public.win2000.networking  > 2005-04