Pinging does not verify name resolution for WINS. Ping will resolve a name
using DNS. MS uses WINS (NetBIOS naming) for Domain Logins and for mapping
drives, etc.
Try this link on Cisco's website for help with coordinating your NT domain
with your network layout:
http://www.cisco.com/warp/public/473/winnt_dg.htm
It covers WINS and things like that.
Ben
"Jim Bond" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hello,
>
> Thank you guys for the help. Unfortunately, I tried to
> put LMHOST file, still doesn't work. We use WINS and I
> can ping domain controller using name so I don't think
> it's naming issue.
>
> I used a sniffer captured some data, client is sending
> logon request to domain controller but didn't get any
> response. Looks like PIX blocks it. How do I open
> it(port 137, 138, 139)?
>
> Thanks in advance.
>
>
> Jim
>
> --- Scott Morris <[EMAIL PROTECTED]> wrote:
> > Your problem is likely the propgation of
> > broadcasts... Or lack thereof.
> > One thing you can do (I'm assuming you have a router
> > before (LAN-side) the
> > PIX) is set up an ip-helper address to forward
> > UDP-level broadcasts (like
> > 138/139 Netbios) to the NT server.
> >
> > The other thing you can do is bypass that broadcast
> > thought process by using
> > LMHosts files on the workstations at the branch
> > office. That will pre-load
> > (if you use the #PRE designation) the NetBIOS cache
> > and give you IP
> > addresses to go to. So if you have IP reachability,
> > things will work just
> > fine then.
> >
> > In LMHOSTS. :
> >
> > (ip address) (Netbios name) #PRE #DOM:(domain name
> > if domain controller)
> >
> > Also, to refresh without rebooting the PCs, "nbtstat
> > -R"
> >
> > Hope this helps!
> >
> > Scott
> >
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED]]On Behalf Of
> > Jim Bond
> > Sent: Thursday, December 07, 2000 1:19 AM
> > To: [EMAIL PROTECTED]
> > Cc: [EMAIL PROTECTED]
> > Subject: tough VPN question
> >
> >
> > Hello,
> >
> > I'm trying to set up a IPSec between a PIX (branch
> > office) and router (central office). All PCs at
> > branch
> > office share 1 ip address. IPSec seems to be working
> > fine because clients can ping/telnet/email/map
> > drives
> > from/to central office. The problem is they can't
> > logon NT domain. They can ping domain controller
> > though.
> >
> > Any idea why they can't log on NT domain? (The
> > machines were already added to domain)
> >
> > Thanks in advance.
> >
> >
> > Jim
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Yahoo! Shopping - Thousands of Stores. Millions of
> > Products.
> > http://shopping.yahoo.com/
> >
> >
> _______________________________________________________
> > To unsubscribe from the CCIELAB list, send a message
> > to
> > [EMAIL PROTECTED] with the body containing:
> > unsubscribe ccielab
> >
> > _________________________________
> > FAQ, list archives, and subscription info:
> > http://www.groupstudy.com/list/cisco.html
> > Report misconduct and Nondisclosure violations to
> [EMAIL PROTECTED]
>
>
> __________________________________________________
> Do You Yahoo!?
> Yahoo! Shopping - Thousands of Stores. Millions of Products.
> http://shopping.yahoo.com/
>
> _________________________________
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
