Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1078
Views
0
Helpful
6
Replies

RV082 - AD Authentication over Gateway-to-Gateway VPN

bubarooni
Level 1
Level 1

‎07-03-2013 01:22 PM

I've got a central location with a Cisco 2911 router (192.168.1.x /24).

I've got several remote locations that have the RV082's with their own subnets (192.168.x.x/24).  Each RV handles it's own DHCP.

Each RV082 has a gateway-to-gateway vpn back to the 2911.

The vpn's all connect just fine and I'm able to use resources back at the central location with no issues at all.

My problem is, I can't login to the domain that is hosted at the central location.

I can ping the DC's back at the central location by name and by ip.  The RV's just don't seem to be able to route the login info back to the central location to the DC's for authentication.

I can supply more info if needed, but here's to hoping someone responds back with something like 'Just tick the box that says ....' and that'll do the trick!

Thanks In Advance for any pointers!

Labels:
0 Helpful
6 Replies 6

SamirD
Level 5
Level 5

‎07-04-2013 10:53 AM

Can you see the resources by IP or by netbios name?  If you can't see it by netbios name, try ticking the box for Netbios in your site-to-site configuration.

Otherwise, this might be a restriction of some sort on the Cisco 2911 as I don't think the rv's are sophisticated enough to block a login, ping.

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com
0 Helpful

bubarooni
Level 1
Level 1
In response to SamirD

‎07-05-2013 06:46 AM

I had 'Netbios Broadcast' ticked on the VPN -> Gateway To Gateway page under the section titled 'Advanced' at the bottom of the page.

At the remote locations I can ping devices at the home location by IP and by name, including the DC's.

0 Helpful

SamirD
Level 5
Level 5

‎07-09-2013 07:16 AM

Do you have IPComp (IP Compression) enabled?

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com
0 Helpful

anjraj
Level 1
Level 1

‎07-09-2013 12:46 PM

Here's an article about Gateway-to-Gateway configuration that might help with the issues you're having: Configuration of Gateway-to-Gateway on VPN RV016, RV042, RV042G, and RV082 VPN Routers.

Hope this helps,

Anjana

0 Helpful

bubarooni
Level 1
Level 1
In response to anjraj

‎07-09-2013 04:17 PM

Hey Samir,

No, I do not have IPComp on. 

Hey Anjana,

I'm not having any issues with creating tunnels, that works like a charm.  It's authenticating to my AD servers at the central location that's killing me.  I'm looking for a way to make the router realize that the authentication requests need to be passed back to the central location's subnet where the domain controllers reside.

0 Helpful

SamirD
Level 5
Level 5
In response to bubarooni

‎07-11-2013 07:39 AM

Hmm...I think I didn't fully understand what you were trying to do.

How does the authentication work?  Do you specify an IP or DNS name for the authentication request to target?  Or would the router have to figure this out automatically?

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com
0 Helpful
Customers Also Viewed These Support Documents