You are not NAT'ing the clients to the Domain Controller are you? I think
you are by the fact that the branch office shares 1 IP address.
Domain Logon can NOT be NAT'd while SMB/CIFS can be (ie map drives)
Francis Gibbons
Network Architect, CCSI, CCNP, CNE, MCSE
Global Knowledge Network (Canada)
Email: [EMAIL PROTECTED]
----- Original Message -----
From: "Jim Bond" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Thursday, December 07, 2000 1:18 AM
Subject: tough VPN question
> Hello,
>
> I'm trying to set up a IPSec between a PIX (branch
> office) and router (central office). All PCs at branch
> office share 1 ip address. IPSec seems to be working
> fine because clients can ping/telnet/email/map drives
> from/to central office. The problem is they can't
> logon NT domain. They can ping domain controller
> though.
>
> Any idea why they can't log on NT domain? (The
> machines were already added to domain)
>
> Thanks in advance.
>
>
> Jim
>
> __________________________________________________
> Do You Yahoo!?
> Yahoo! Shopping - Thousands of Stores. Millions of Products.
> http://shopping.yahoo.com/
>
> _______________________________________________________
> To unsubscribe from the CCIELAB list, send a message to
> [EMAIL PROTECTED] with the body containing:
> unsubscribe ccielab
>
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
