Windows 2000 Server Communication Through VPN

[Andy]

I have 2 Windows 2000 servers that are set-up on different subnets
through a Cisco VPN tunnel. Server-A remote site (child domain) and
Server-B Central Office (parent of child). When Servers A and B are at
the central office and Server-A's IP address changed to match that of
the Central office servers, all servers talk and are happy in w/o any
errors. Once Server-A goes to its remote site I can still ping between
both sites, do both forward and reverse lookups between both sites,
sniff packets traveling through the tunnel between both servers and
view shares on folders on both servers. BUT, when I try to access
Server-A's AD from Server-B, I get "No authority could be contacted for
authentication..." ?????

1) DNS is configured on both servers and apparently works
2) The trust relationship between servers can be verified
while they are at their respective sites
3) All other server functions are up (ie users can logon to
the child domain, etc)

So, what's wrong? Ping works resolution works packets go back and
forth (SYN & ACK)

HELP!

Any would be appreciated, Thanks
Andy

 

[Kurt]

I would look at DNS as the biggest possibility, even though you say it seems
to be working. Since these are two different domains, how did you handle
name resolution between domains? Delegation would be a good choice. Since
everything works at the local site but not when you move the server to the
remote site, the difference is that you can broadcast and resolve names via
NetBIOS when on the same LAN, but must rely on a name server of some kind
(DNS/WINS) to resolve names across the routed connection. What are the
results of nslookup between domains?

....kurt