1

This is the first time I have encountered such a strange problem. I am not able to join my machines to the domain.

Here are details.

Subnets:
192.168.1.0/24
192.168.2.0/24

Both subnets can successfully ping each other. Routing is symmetric.

Domain: corpltd.com
DC: 192.168.1.1
Member machines: 192.168.1.10 to 15

I can ping the DC from my 192.168.2.0/24 subnet. Even though I can telnet to port 53, I can't resolve any name. I was getting a 2-second request timeout. I tried all the TechNet troubleshooting documents relating to DNS resolution problems, but none was good in my fate.

Later I got to know that I can telnet to the IIS port 192.168.1.5:80 but can't access the IIS website, and I can telnet to FTP at 192.168.1.7:21 but can't access FTP from the 192.168.2.0/24 subnet.

When I unjoined the 1.7 and 1.5 machines from the domain corpltd.com, I was able to access every service running on 1.7 and 1.5 from the 192.168.2.0/24 subnet.

After deep investigation, it was concluded that services running on machines of the 192.168.1.0/24 subnet that are domain-joined are inaccessible from the other subnet. If I unjoin them from the domain, I was able to access the services from a different subnet.

I am thinking that my Domain Controller has some configuration that is not allowing other subnets to access services of domain-joined machines. Looking forward to your help.

PS: There is no firewall running in my environment.

Saqib Rao
  • "There is no firewall running in my environment." The data you presented speaks otherwise. You can ping, so IP connectivity is working, so there *is* a firewall involved somewhere. It's up to you to locate it and modify the firewall rules to allow the required traffic. – EEAA Jun 25 '16 at 19:18
  • How can I telnet to the ports then? – Saqib Rao Jun 25 '16 at 19:22
  • Being able to telnet to an IIS service has nothing to do with your ability to join the domain. You need to look at Microsoft's documentation for what ports are required to be open between clients and domain controllers. Right now, DNS seems to be an immediate problem, so I'd recommend starting there. – EEAA Jun 25 '16 at 19:46
  • I can telnet each and every port. Not only IIS. – Saqib Rao Jun 25 '16 at 20:13
  • In spite of successful telnet connections to IIS and other services, I can't access those services. – Saqib Rao Jun 25 '16 at 20:14
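
The symptom discussed above, a port that accepts a telnet connection while the service behind it never answers, can be measured one layer at a time. The following is an added example, not part of the original question or its comments: it sends a real DNS query over UDP (what an ordinary lookup uses) and over TCP (what telnet to port 53 exercises) and reports how far each gets. The function names are hypothetical; the DC address and domain are the ones given in the question.

```python
import socket
import struct

QID = 0x1234  # constructed query ID; a real server echoes it back

def build_query(name):
    """Minimal DNS A-record query (RFC 1035) with recursion desired."""
    header = struct.pack(">HHHHHH", QID, 0x0100, 1, 0, 0, 0)
    parts = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in parts)
    return header + qname + b"\x00" + struct.pack(">HH", 1, 1)  # A, IN

def classify(reply):
    """Say whether the bytes that came back are a DNS response to our query."""
    if not reply or len(reply) < 12:
        return "no reply"
    rid, flags = struct.unpack(">HH", reply[:4])
    if rid != QID or not flags & 0x8000:  # QR bit must mark a response
        return "unexpected data"
    return "answered, rcode=%d" % (flags & 0x000F)

def probe_udp(server, name, port=53, timeout=2.0):
    """What a normal lookup does: one datagram out, one expected back."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name), (server, port))
            return "udp: " + classify(s.recvfrom(4096)[0])
        except OSError:  # timeout or ICMP unreachable
            return "udp: no reply"

def probe_tcp(server, name, port=53, timeout=2.0):
    """What telnet proves (the handshake), then one step further (a query)."""
    try:
        s = socket.create_connection((server, port), timeout=timeout)
    except OSError:
        return "tcp: connect failed"
    with s:
        query = build_query(name)
        try:
            s.sendall(struct.pack(">H", len(query)) + query)  # 2-byte length prefix
            return "tcp: connected, " + classify(s.recv(4096)[2:])
        except OSError:
            return "tcp: connected, no reply"

if __name__ == "__main__":
    for probe in (probe_udp, probe_tcp):
        print(probe("192.168.1.1", "corpltd.com"))
```

Running it from both subnets and comparing the two lines of output shows whether the handshake, the request or the response is the part that is lost; "tcp: connected, no reply" is the telnet-works-but-service-does-not case described in the question.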

1 Answer

-1

You cannot because they are different networks. You can only if you add a router to forward each network to the other, and then a PC on the first network will find the server on the second network.

N3kos
  • There must be routing connectivity because this is described in the first couple of paragraphs of the question. – roaima Jun 05 '18 at 07:46