cannot get DC's to talk to each other

[rasczak]

i've got a slight issue i was hoping you guys could help me answer.

server 2003

dc1: 192.168.0.1 -> switch1

switch1 <-> switch2

dc2: 192.168.1.1 -> switch2

the issue I'm having is i need to create a trust between the two domains, but i cannot get them to see each other. I've dns entries but am still unable to get them to talk to each other. When i ping i get destination host unreachable. nslookup gives me dns timed out.

fyi both dc's are also forest root of their domains and have already been raised to 2003 forest level if that helps any.

thanks in advance.

let me know if you need any more info.

 

[jlazzaro]

"destination host unreachable" means there is no route between dc1 and dc2 which is independant of any AD configuration.

please ellaborate on your topology. since dc1 and dc2 are both on different subnets (assuming a /24 mask) they need a layer 3 device to route between them (be it another gateway, router on a stick, secondary addressing, etc)

 

[rasczak]

switch1 and switch2 are both unmanaged switches. Sorry if this is not info, I'm not to sure what else you may need. I do have an SSg 550, but I've not had the time to configure this (first I am learning about it, second I had to deadline to meet in getting the servers up and running. )

 

[jlazzaro]

what are you using for routing, rather, what device is configured with the default gateway that your servers / users are given?

do these dc's have to be in seperate subnets?

 

[RebateMonger]

As noted, of two PCs aren' t in the same subnet, they aren't going to talk at all. Assuming different subnets, you need a router in "routing mode" (not "NAT mode") for them to see each other.

 

[spikespiegal]

...Or slap an extra IP address on one of the NICs. Windows can do this you know.

I'd rather use a router....but...you have to do what you have to do.