Cisco Support Community
New Member

Microsoft Domain Controllers and VPN

Is there a good document that explains the best way to set up a site-to-site VPN and utilize the features of a Windows domain controller? My VPN tunnels work fine but I am unable to log on to the DC. My networks are on two different subnets. I have read that installing and configuring WINS may be the best way to go. Is this the case or is there a better method?


Re: Microsoft Domain Controllers and VPN

You certainly should use WINS, or in an environment that consists of Win2000, Win XP, or higher MS OS levels, DNS, as WINS may not be necessary in that environment. What WINS and DNS do is remove the broadcast name query method from being used, as most firewalls and gateways will block and not forward those broadcast packets.

What type of VPN endpoints are you using? PIX, IOS, other?

Another item that you may run into is path MTU discovery. IPSec VPNs encrypt and then fragment, and newer devices can do adjustments of the TCP MSS size, or override the DF bit.

If you still have questions, please post the VPN device configs here, scrubbing any sensitive info, and I can try to help.

New Member

Re: Microsoft Domain Controllers and VPN

Thanks for the reply. I am using PIX 501s running 6.3. I will do a little more homework based on the reply you left. I will certainly post more if I cannot resolve the issue.
