Help with login to the network

[ROBERT]

This is my problem:
I have two offices one in Miami the other one in Caracas.
Miami is the headquarter and in this office are running
the DNS server, Exchange server and the Domain controller.
Caracas is running as a memeber server with DHCP and WINS
servers on it. Our connection is through VPN but not VPN
Windows.
The point is, 2 weeks ago we got problem with the VPN
connection after fix the problem, In the server from
Caracas i got WINS problem with different IP address,
after a little information about this I fixed the problem,
but now is the big one, after have fixed the WINS problem
no body can login to the network... how the DNS is in
Miami well I thought we have problem with the VPN
connection probably that is the reason because they can't
login, but the problem is they can't login locally,
internally in the Caracas office, in other words they
can't login to the server right there, basically they have
two options to login....
first one, login as a local Administrator
Second one, re-starting their computers without connection
to the network, in other words disconnecting the cable
from the NIC card, once they got login to the netwrok and
got icons on the desktop then they connect the cable to
the NIC card and then they can run under the same domain,
same network and we can see the computer, send and receive
e-mails and also inter-exchange message with messenger.

I make a nslookup and everything is fine... I can ping
everything from miami and from caracas to miami, I don't
have any problem pinging names and/or Ip addresses, the
DNS IP address from the station of Caracas are pointing to
the DNS server in Miami and everything is running well.

Your help will be greatly appreciated.

I hope to be hearing from somebody soon.

Thank you very much

 

[Robert L [MS-MVP]]

this may help quoted form http://www25.brinkster.com/ChicagoTech
Network Routing Analysis

In our Lab, we have a network small network connecting to our main network
through 3COM wireless router and the main network has another Cisco router
connecting to the Internet. The computers in the Lab can ping main network
computers and the Internet. But computers in the main network can't ping the
lab computers. Here are settings:

LAB IP: 192.168.2.0 mask 255.255.255.0, GW (default gateway): 192.168.2.1
connecting to 3com router and then to 10.0.0.100 as GW in main network that
10.0.0.0 and 255.255.0.0. Main network has Cisco router GW is 10.0.0.2.

Analysis 1: before changing the route table, any computers in 192.168.2.0
can access the resources on 10.0.0.0 network and the Internet because all
traffic goes to 192.168.2.1 GW to 10.0.0.0 network and then through 10.0.0.2
GW to the Internet. However, computers on network 10.0.0.0 can't access the
192.168.2.0 network because all traffic will go to 10.0.0.2 GW.

Resolutions: all 10.0.0.X clients need to know how to get back to the
192.168.2.0 network. This can be accomplished in several ways:

1) Add a GW to each client pointing to 10.0.0.100 by using add 192.168.2.0
mask 255.255.0.0 10.0.0.100. Here is the route table after adding the route.

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x1000003 ...00 01 03 28 89 cf ...... 3Com EtherLink PCI
0x1000004 ...00 90 27 55 44 07 ...... Intel(R) PRO Adapter
===========================================================================

===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface
Mretric
0.0.0.0 0.0.0.0 10.0.0.2 10.0.0.11 1
10.0.0.0 255.255.0.0 10.0.0.11 10.0.0.11 1
10.0.0.11 255.255.255.255 127.0.0.1 127.0.0.1 1
10.0.0.20 255.255.255.255 10.0.0.11 10.0.0.11 1
10.255.255.255 255.255.255.255 10.0.0.11 10.0.0.11 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.2.0 255.255.255.0 10.0.0.100 10.0.0.11 1
224.0.0.0 224.0.0.0 10.0.0.11 10.0.0.11 1
255.255.255.255 255.255.255.255 10.0.0.11 10.0.0.11 1
Default Gateway: 10.0.0.2
===========================================================================
Persistent Routes:
None

2) Add route on the Cisco pointing 192.168.2.0 mask 255.255.255.0
10.0.0.100. The client then would send the 192.168.2 traffic to
10.0.0.2 which should then forward the packet to 10.0.0.2 and send the
client an ICMP Redirect to use 10.0.0.2 when talking to
192.168.2.x.
3) Also rather than adding static routes, you could configure the 2 routers
to dynamically learn each others routes via a routing protocol like RIP or
OSPF.

Analysis 2: After we tried one of the resolutions, still, we can't ping
192.168.2.x. The tracert shows any traffic to 192.168.2.0 will stop at GW
10.0.0.100. So, we know that the route table is correct but the 3COM router
block the traffic. After called 3COM tech support, we found this is one way
router.

Resolution: we must setup VPN to establish the connection between the
networks.

For more and other information, go to
http://www25.brinkster.com/ChicagoTech

Don't send e-mail or reply to me except you need consulting services.
Posting on MS newsgroup will benefit all readers and you may get more help.

Robert Lin, MS-MVP, MCSE & CNE
Windows & Network Support, Tips and FAQs on
http://www25.brinkster.com/ChicagoTech
This posting is provided "AS IS" with no warranties.