Can't contact Domain controller over VPN

Hi,

I have a router to router VPN using 2 Linksys BEFVP41s. At one ned of the
vpn is a NT4 domain, at the other end are a few PCs some 98, some XP.
Currently these PCs are connected to the domain via a leased line with a
bridge to the othe rLAN, so they all share the same IP address range and log
on in the same way. Now I want to use a VPN instead of a leased line, and I
have the VPN set up OK, but when I log on to the 98 PCs, I get a message
that no domain server was available to validate my password. So there's no
copying of profiles, no login script. However once the PC starts up, all the
apps work OK. In XP, its the same, there's just no message.
The domain controller problem thing is bugging me. How can I make the PCs
find the domain controller when they log on?

Thanks in advance,

SW

The Win98 machines will need NetBIOS name resolution (WINS or LMHosts) to
find the NT 4 domain controllers to logon. The WinXP also will need the
same since it's an NT 4 domain. If it were Win2000+, they would need host
name resolution (DNS or Hosts) to first locate the SRV RRs of the DCs before
establishing a secure logon channel with a DC to logon to the domain.

Virtual Private Networking with Windows Server 2003: Deploying Site-to-Site
VPNs:
http://www.microsoft.com/technet/pro.../vpndpls2.mspx

Step-by-Step Guide for Setting Up a PPTP-based Site-to-Site VPN Connection
in a Test Lab:
http://www.microsoft.com/downloads/d...DisplayLang=en

Virtual Private Networks for Windows Server 2003:
http://www.microsoft.com/windowsserv...n/default.mspx


--
Todd J Heron, MCSE
Windows Server 2003/2000/NT; CCA
----------------------------------------------------------------------------
This posting is provided "as is" with no warranties and confers no rights

Todd J Heron wrote:
> The Win98 machines will need NetBIOS name resolution (WINS or LMHosts) to
> find the NT 4 domain controllers to logon. The WinXP also will need the
> same since it's an NT 4 domain. If it were Win2000+, they would need host
> name resolution (DNS or Hosts) to first locate the SRV RRs of the DCs before
> establishing a secure logon channel with a DC to logon to the domain.
>
> Virtual Private Networking with Windows Server 2003: Deploying Site-to-Site
> VPNs:
> http://www.microsoft.com/technet/pro.../vpndpls2.mspx
>
> Step-by-Step Guide for Setting Up a PPTP-based Site-to-Site VPN Connection
> in a Test Lab:
> http://www.microsoft.com/downloads/d...DisplayLang=en
>
> Virtual Private Networks for Windows Server 2003:
> http://www.microsoft.com/windowsserv...n/default.mspx
>
>
Todd, thanks for your input. I am not sure how to provide the PCs with
the required name resolution. They all have a hosts file with IP
addresses and server names. The WINS server is at the same location as
the PDC, so I don't know how I can point the machines at it. All I know
is, they can see it, map drives to it, whatever, but not use it for name
resolution!

Regards
SW

"Todd J Heron" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> The Win98 machines will need NetBIOS name resolution (WINS or LMHosts) to
> find the NT 4 domain controllers to logon. The WinXP also will need the
> same since it's an NT 4 domain. If it were Win2000+, they would need host
> name resolution (DNS or Hosts) to first locate the SRV RRs of the DCs
before
> establishing a secure logon channel with a DC to logon to the domain.
>

Todd, what are "SRV RRs"?

Thanks,
SW

Alter the lmhosts file on the Win 9x machines or
configure the tcp/ip protocol / advanced to point
towards the WINS server. Alternatively you could
configure the clients to obtain an address on the same
tcp/ip subnet as your local LAN.

"S W" <(E-Mail Removed)> wrote in message news:...
>>
> Todd, thanks for your input. I am not sure how to provide the PCs with the
> required name resolution. They all have a hosts file with IP addresses and
> server names. The WINS server is at the same location as the PDC, so I
> don't know how I can point the machines at it. All I know is, they can see
> it, map drives to it, whatever, but not use it for name resolution!

"Michael Giorgio - MS MVP" <(E-Mail Removed)> wrote in
message news:(E-Mail Removed)...
> Alter the lmhosts file on the Win 9x machines or
> configure the tcp/ip protocol / advanced to point
> towards the WINS server. Alternatively you could
> configure the clients to obtain an address on the same
> tcp/ip subnet as your local LAN.
>

Thanks, I put lmhosts files on all the machines, they can now find the dc at
logon and everything is peaches and cream!

Regards
SW

Cool, Glad to help and thank you for the update.

"S W" <(E-Mail Removed)> wrote in message news:
> "Michael Giorgio - MS MVP" <(E-Mail Removed)> wrote in
> message news:(E-Mail Removed)...
>> Alter the lmhosts file on the Win 9x machines or
>> configure the tcp/ip protocol / advanced to point
>> towards the WINS server. Alternatively you could
>> configure the clients to obtain an address on the same
>> tcp/ip subnet as your local LAN.
>>
>
> Thanks, I put lmhosts files on all the machines, they can now find the dc
> at logon and everything is peaches and cream!
>

SW wrote:
> "Todd J Heron" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>> The Win98 machines will need NetBIOS name resolution (WINS or LMHosts) to
>> find the NT 4 domain controllers to logon. The WinXP also will need the
>> same since it's an NT 4 domain. If it were Win2000+, they would need
>> host name resolution (DNS or Hosts) to first locate the SRV RRs of the
>> DCs before establishing a secure logon channel with a DC to logon to the
>> domain.
>>
>
> Todd, what are "SRV RRs"?
>
> Thanks,
> SW

Service resource records.

Managing resource records:
http://www.microsoft.com/technet/pro...9592a8028.mspx


--
Todd J Heron, MCSE
Windows Server 2003/2000/NT; CCA
----------------------------------------------------------------------------
This posting is provided "as is" with no warranties and confers no rights

Thanks,

Lokks like that's another thing I need to understand before upgrading the
domain.

Is a DNS server _essential_ for a W2003 domain?

Regards
SW

"Todd J Heron" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> SW wrote:
>> "Todd J Heron" <(E-Mail Removed)> wrote in message
>> news:(E-Mail Removed)...
>>> The Win98 machines will need NetBIOS name resolution (WINS or LMHosts)
>>> to
>>> find the NT 4 domain controllers to logon. The WinXP also will need the
>>> same since it's an NT 4 domain. If it were Win2000+, they would need
>>> host name resolution (DNS or Hosts) to first locate the SRV RRs of the
>>> DCs before establishing a secure logon channel with a DC to logon to the
>>> domain.
>>>
>>
>> Todd, what are "SRV RRs"?
>>
>> Thanks,
>> SW
>
> Service resource records.
>
> Managing resource records:
> http://www.microsoft.com/technet/pro...9592a8028.mspx
>
>
> --
> Todd J Heron, MCSE
> Windows Server 2003/2000/NT; CCA
> ----------------------------------------------------------------------------
> This posting is provided "as is" with no warranties and confers no rights
>

S W wrote:
> Thanks,
>
> Lokks like that's another thing I need to understand before upgrading the
> domain.
>
> Is a DNS server _essential_ for a W2003 domain?

Yes!

--
Todd J Heron, MCSE
Windows Server 2003/2000/NT; CCA
----------------------------------------------------------------------------
This posting is provided "as is" with no warranties and confers no rights