Site-to-Site VPN with Safe@Office 225 and 110 Firewalls.

comp.security.firewalls archive

From: red_foreman <trx250rider@hotmail.com>
Date: Thu Dec 29 2005 - 23:03:35 CET

This is kind of long, and I apologize in advance for it, but it's a
very perplexing problem that deserves attention and a thorough
explanation.

I have a main office with a 225 appliance, and a remote office with a
110 appliance. We've created the VPN tunnel, and are connected to the
main site using the tunnel just fine, but are having difficulties
joining the domain at the main office.

Main Office IP Scheme
192.168.10.X
CheckPoint device 10.1 as gateway and it does DHCP and is supposed to
be passing DNS thru to the clients.
The DC is a static 10.10 address
DNS and DHCP are being handled to clients other than the server.

Remote Office IP Scheme
192.168.20.X
CheckPoint device 20.1 as gateway and it does DHCP
Clients are using 20.1 as DNS servers, and can surf fine.

This I believe is totally a DNS issue. But since we can surf, DNS is
actually ok, just can't join the domain. I have verified the SRV
records on the DC, supplied the DNS numbers at the main site to the
remote site, and can surf, but not join.

Problems are as follows:
1. The clients cannot join the domain, nor can they authenticate to the
domain, but can search for the 192.168.10.10 address and can find it.

2. At a client PC, nslookup returns no server name, and the 20.1
gateway address.

3. Cannot ping the NetBIOS name of the server, but can ping by IP
address.

If you need more information, please ask; I can answer almost anything.
I've been working with this client for 2 weeks now, every day, trying to
resolve the problem.

Any help is appreciated, and if you made it this far, I greatly
appreciate it.

Red_Foreman
Received on Tue Jan 3 03:40:04 2006