×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

RV082 - AD Authentication over Gateway-to-Gateway VPN

Unanswered Question
Jul 3rd, 2013
User Badges:

I've got a central location with a Cisco 2911 router (192.168.1.x /24).


I've got several remote locations that have the RV082's with their own subnets (192.168.x.x/24).  Each RV handles it's own DHCP.


Each RV082 has a gateway-to-gateway vpn back to the 2911.


The vpn's all connect just fine and I'm able to use resources back at the central location with no issues at all.


My problem is, I can't login to the domain that is hosted at the central location.


I can ping the DC's back at the central location by name and by ip.  The RV's just don't seem to be able to route the login info back to the central location to the DC's for authentication.


I can supply more info if needed, but here's to hoping someone responds back with something like 'Just tick the box that says ....' and that'll do the trick!


Thanks In Advance for any pointers!

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Samir Darji Thu, 07/04/2013 - 10:53
User Badges:
  • Bronze, 100 points or more
  • Community Spotlight Award,

    Small Business, February 2015

Can you see the resources by IP or by netbios name?  If you can't see it by netbios name, try ticking the box for Netbios in your site-to-site configuration.


Otherwise, this might be a restriction of some sort on the Cisco 2911 as I don't think the rv's are sophisticated enough to block a login, ping.



Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com

bubarooni Fri, 07/05/2013 - 06:46
User Badges:

I had 'Netbios Broadcast' ticked on the VPN -> Gateway To Gateway page under the section titled 'Advanced' at the bottom of the page.


At the remote locations I can ping devices at the home location by IP and by name, including the DC's.

Samir Darji Tue, 07/09/2013 - 07:16
User Badges:
  • Bronze, 100 points or more
  • Community Spotlight Award,

    Small Business, February 2015

Do you have IPComp (IP Compression) enabled?



Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com

bubarooni Tue, 07/09/2013 - 16:17
User Badges:

Hey Samir,


No, I do not have IPComp on. 


Hey Anjana,


I'm not having any issues with creating tunnels, that works like a charm.  It's authenticating to my AD servers at the central location that's killing me.  I'm looking for a way to make the router realize that the authentication requests need to be passed back to the central location's subnet where the domain controllers reside.

Samir Darji Thu, 07/11/2013 - 07:39
User Badges:
  • Bronze, 100 points or more
  • Community Spotlight Award,

    Small Business, February 2015

Hmm...I think I didn't fully understand what you were trying to do.


How does the authentication work?  Do you specify an IP or DNS name for the authentication request to target?  Or would the router have to figure this out automatically?



Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com

Actions

This Discussion