Can't Connect to Domain after adding Gateway to Internet Router to

[Guest]

Hello,

I just added a second gateway on my network connection for an Internet
gateway on our Windows2000 server network. The PC's in question run
WindowsXP Pro. This affects all XP workstations no matter which sp is loaded.

The error "Windows Security Message" displayed "A domain controller for your
domain could not be contacted. You have been logged on using cached account
information. Changes made to your profile since you last logged on may not
be available.".

The interesting thing is that none of the workstations running Windows2000
sp3 have any problems at all. This leads me to think is has something to do
with WindowsXP Pro. If I remove the reference to the second gateway, the
error goes away.

The only thought I have is that because of the additional gateway, it is
taking longer to connect to the domain and that it is timing out giving the
above error. If that is the case I don't have any idea where to
check/correct this.

Anyone have any thoughts?

Thanks you in advance!

 

[Lanwench [MVP - Exchange]]

Hello,

I just added a second gateway on my network connection for an Internet
gateway on our Windows2000 server network. The PC's in question run
WindowsXP Pro. This affects all XP workstations no matter which sp
is loaded.

The error "Windows Security Message" displayed "A domain controller
for your domain could not be contacted. You have been logged on
using cached account information. Changes made to your profile since
you last logged on may not be available.".

The interesting thing is that none of the workstations running
Windows2000 sp3 have any problems at all. This leads me to think is
has something to do with WindowsXP Pro. If I remove the reference to
the second gateway, the error goes away.

The only thought I have is that because of the additional gateway, it
is taking longer to connect to the domain and that it is timing out
giving the above error. If that is the case I don't have any idea
where to check/correct this.

Anyone have any thoughts?

Thanks you in advance!

Why do you want another gateway?
Did you change your DNS settings at all?

 

[Guest]

Hi,

We added a router (USR8200) for our DSL connection. We added the IP addr of
the router (Per US Robotics). We also added the IP addr of the router to our
alternate DNS settings. Previously we had only the IP of our Win2000 server
as the DNS setting. We are not using DHCP, the USR router allows us to use a
static IP and class-B subnet on the lan side. We also have 2-CISCO 2620
routers that connect us to a remote site. Those routers are what we also
need in our gateway settings.

Thanks!

 

[Lanwench [MVP - Exchange]]

Hi,

We added a router (USR8200) for our DSL connection. We added the IP
addr of the router (Per US Robotics).
Where?

We also added the IP addr of
the router to our alternate DNS settings.

Ix-nay. that's your problem right there. All servers and workstations must
specify *only* the internal AD-integrated DNS server's IP address in their
network settings. The AD-integrated DNS server should be set up with
forwarders to your ISP's DNS servers for external resolution and/or use root
hints.

Previously we had only the

IP of our Win2000 server as the DNS setting. We are not using DHCP,
the USR router allows us to use a static IP and class-B subnet on the
lan side.

Sure, nothing says you have to use DHCP. I just don't see any sense in using
static addresses on workstations in the year 2005. Run DHCP off your domain
controller, not your router. Your dynamic DNS updates will be a lot happier.

We also have 2-CISCO 2620 routers that connect us to a
remote site. Those routers are what we also need in our gateway
settings.

No, that won't give you two simultaneous connections to two different
gateways. The routers themselves should handle the connection between the
networks and this should be fairly seamless to your workstations & servers.

I suggest you post an updated version of your message (after you fix your
DNS & gateways) in a more general networking group such as
m.p.win2000.networking.

 

[Guest]

Where?

It was added to the default gateway in our LAN connection.

Ix-nay. that's your problem right there. All servers and workstations must
specify *only* the internal AD-integrated DNS server's IP address in their
network settings. The AD-integrated DNS server should be set up with
forwarders to your ISP's DNS servers for external resolution and/or use root
hints.

I will check this out!

Previously we had only the

Sure, nothing says you have to use DHCP. I just don't see any sense in using
static addresses on workstations in the year 2005. Run DHCP off your domain
controller, not your router. Your dynamic DNS updates will be a lot happier.

I inherited this setup and am still in the learning stages of dealing with
routers, DNS, and DHCP. I do appreciate any direction as to the best
solution. I would like to learn a bit more before I completly redesign the
way this is setup. I'm just concerned I'll end up with a big mess and
nothing working!

No, that won't give you two simultaneous connections to two different
gateways. The routers themselves should handle the connection between the
networks and this should be fairly seamless to your workstations & servers.

Not to sound too ignorant but is this something I'll telnet into each of the
CISCO 2600 routers to setup?

I suggest you post an updated version of your message (after you fix your
DNS & gateways) in a more general networking group such as
m.p.win2000.networking.

I'll be more than happy to share the resolution to this voyage into the
causes of drinking!

My biggest question is still why this works fine on Windows2000 workstations
but not XP-Pro workstations.

 

[Lanwench [MVP - Exchange]]

It was added to the default gateway in our LAN connection.

On the server? Clients? Both?

I will check this out!

See KB 825036 for a W2k/AD article (still applies for W2003/SBS2003)

I inherited this setup and am still in the learning stages of dealing
with routers, DNS, and DHCP. I do appreciate any direction as to the
best solution. I would like to learn a bit more before I completly
redesign the way this is setup. I'm just concerned I'll end up with
a big mess and nothing working!

Understood. Might want to do this over a weekend. DHCP is a godsend, honest.

Not to sound too ignorant but is this something I'll telnet into each
of the CISCO 2600 routers to setup?

Well, not sure if telnet is how you will do it, but essentially/basically,
the routers should handle the routing, and your servers/clients shouldn't.

I'll be more than happy to share the resolution to this voyage into
the causes of drinking!

Oh, that's an entirely different topic, too extensive to launch into here.

My biggest question is still why this works fine on Windows2000
workstations but not XP-Pro workstations.

Can't say, but it's not a good setup, so fix it in general and then you will
be able to drink in peace.

 

[Guest]

On the server? Clients? Both?

I had added this to all clients attaching to the Internet router.

I have a second NIC in the Win2000 server to allow it to connect. That was
the only method at the time I could find that would also connect the server.

See KB 825036 for a W2k/AD article (still applies for W2003/SBS2003)

Thank you for the article! I read the article and will implement this on
the server in the next couple of days.

Understood. Might want to do this over a weekend. DHCP is a godsend, honest.

Thanks for the reccommendations, I do appreciate the expert advice! It's
like taking medicine sometimes. You have to do something you don't like to
get to something you do. Once I can take care of the router configuration
issues mentioned further down, I'll do this next.

Well, not sure if telnet is how you will do it, but essentially/basically,
the routers should handle the routing, and your servers/clients shouldn't.

Ok, was just making sure it was the router internal config that was in
question. I'm still trying to find the installation/config CD's that came
with the routers. These people didnt seem to think it was important to save
things like that!