{"id":265,"date":"2007-09-25T12:15:26","date_gmt":"2007-09-25T15:15:26","guid":{"rendered":"http:\/\/talsoft.com.ar\/weblog\/?p=265"},"modified":"2007-09-29T12:17:23","modified_gmt":"2007-09-29T15:17:23","slug":"conectar-sites-de-active-directory-por-vpn","status":"publish","type":"post","link":"https:\/\/www.talsoft-security.com\/site\/conectar-sites-de-active-directory-por-vpn\/","title":{"rendered":"Conectar Sites de Active Directory por VPN"},"content":{"rendered":"

Aca dejo una soluci\u00c3\u00b3n a un problema que me volvio loco, resulta que quer\u00c3\u00ada agregar un Domain Controller a un Dominio existente\u00c2\u00a0por VPN,\u00c2\u00a0con diferentes subredes\u00c2\u00a0y no\u00c2\u00a0lograba conectarse entre ellos. <\/font><\/p>\n

El instalador de Active Directory mostraba un error de que no encontraba el nombre del servidor que contenia el Dominio existente.<\/font><\/p>\n

Luego de investigar, ver la configuraci\u00c3\u00b3n del DNS, el Firewall de CISCO, llegue a una soluci\u00c3\u00b3n:<\/font><\/p>\n

<\/p>\n

Se debe modificar la siguiente clave del registro en el Servidor de Active Directory:<\/font><\/p>\n

<\/p>\n

Setea Kerberos sobre TCP en vez de UDP.
\n<\/font>[HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\
\nControl\\Lsa\\Kerberos\\Parameters]
\n“MaxPacketSize”=dword:00000001<\/font><\/span><\/p>\n

<\/font><\/span><\/p>\n

Esta modificaci\u00c3\u00b3n permite que el servidor que intenta agregarse al Domain Controller a un Dominio existente, lo oblige a conectarse al Kerberos por TCP en vez de UDP. Se ve que la conexion por UDP al pasar por la VPN, se perdia entre la NAT y el firewall de CISCO.<\/font><\/span><\/p>\n

Espero que les haya sido util, esta informaci\u00c3\u00b3n.<\/font><\/span><\/p>\n

<\/span><\/font><\/p>\n

Mas INFO: http:\/\/www.sfu.ca\/ad\/kerberos\/index.html<\/a><\/font><\/span><\/p>\n

Saludos,<\/font><\/span><\/p>\n

Leandro Ferrari<\/font><\/span><\/p>\n

<\/font><\/p>\n

<\/font><\/p>\n","protected":false},"excerpt":{"rendered":"

Aca dejo una soluci\u00c3\u00b3n a un problema que me volvio loco, resulta que quer\u00c3\u00ada agregar un Domain Controller a un Dominio existente\u00c2\u00a0por VPN,\u00c2\u00a0con diferentes subredes\u00c2\u00a0y no\u00c2\u00a0lograba conectarse entre ellos. El instalador de Active Directory mostraba un error de que no encontraba el nombre del servidor que contenia el Dominio existente. Luego de investigar, ver la […]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[2,1],"tags":[],"class_list":["post-265","post","type-post","status-publish","format-standard","hentry","category-personales","category-profesional"],"yoast_head":"\nTalSoft - Seguridad Inform\u00e1tica Empresarial - Conectar Sites de Active Directory por VPN<\/title>\n<meta name=\"description\" content=\"Talsoft transforma la visi\u00f3n de las empresas para que puedan proteger su informaci\u00f3n cr\u00edtica y confidencial frente ataques inform\u00e1ticos. Cons\u00faltenos sin cargo.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.talsoft-security.com\/site\/conectar-sites-de-active-directory-por-vpn\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Leandro Ferrari\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.talsoft-security.com\/site\/conectar-sites-de-active-directory-por-vpn\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.talsoft-security.com\/site\/conectar-sites-de-active-directory-por-vpn\/\"},\"author\":{\"name\":\"Leandro Ferrari\",\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#\/schema\/person\/83d2ebde035a5a030c14e522351953c8\"},\"headline\":\"Conectar Sites de Active Directory por VPN\",\"datePublished\":\"2007-09-25T15:15:26+00:00\",\"dateModified\":\"2007-09-29T15:17:23+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.talsoft-security.com\/site\/conectar-sites-de-active-directory-por-vpn\/\"},\"wordCount\":187,\"publisher\":{\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#organization\"},\"articleSection\":[\"Personales\",\"Profesional\"],\"inLanguage\":\"en-GB\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.talsoft-security.com\/site\/conectar-sites-de-active-directory-por-vpn\/\",\"url\":\"https:\/\/www.talsoft-security.com\/site\/conectar-sites-de-active-directory-por-vpn\/\",\"name\":\"TalSoft - Seguridad Inform\u00e1tica Empresarial - Conectar Sites de Active Directory por VPN\",\"isPartOf\":{\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#website\"},\"datePublished\":\"2007-09-25T15:15:26+00:00\",\"dateModified\":\"2007-09-29T15:17:23+00:00\",\"description\":\"Talsoft transforma la visi\u00f3n de las empresas para que puedan proteger su informaci\u00f3n cr\u00edtica y confidencial frente ataques inform\u00e1ticos. Cons\u00faltenos sin cargo.\",\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.talsoft-security.com\/site\/conectar-sites-de-active-directory-por-vpn\/\"]}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#website\",\"url\":\"https:\/\/www.talsoft-security.com\/site\/\",\"name\":\"TalSoft TS - Services IT Security\",\"description\":\"Talsoft is transforming awareness, control and decision-making power so that companies can protect their critical and confidential information from computer attacks.\",\"publisher\":{\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.talsoft-security.com\/site\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#organization\",\"name\":\"Talsoft TS\",\"url\":\"https:\/\/www.talsoft-security.com\/site\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.talsoft-security.com\/site\/wp-content\/uploads\/2014\/02\/talsoft_logo_270x125.png\",\"contentUrl\":\"https:\/\/www.talsoft-security.com\/site\/wp-content\/uploads\/2014\/02\/talsoft_logo_270x125.png\",\"width\":270,\"height\":125,\"caption\":\"Talsoft TS\"},\"image\":{\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"http:\/\/www.facebook.com\/talsoftsrl\",\"https:\/\/x.com\/talsoft\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#\/schema\/person\/83d2ebde035a5a030c14e522351953c8\",\"name\":\"Leandro Ferrari\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/www.talsoft-security.com\/site\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/cd259c10675b9fd302b2e6264231febeeeb3de578400cf8c91c6577e50a0d34a?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/cd259c10675b9fd302b2e6264231febeeeb3de578400cf8c91c6577e50a0d34a?s=96&d=mm&r=g\",\"caption\":\"Leandro Ferrari\"},\"sameAs\":[\"http:\/\/www.talsoft.com.ar\",\"https:\/\/www.facebook.com\/talsoftsrl\/\",\"https:\/\/x.com\/avatar_leandro\"],\"url\":\"https:\/\/www.talsoft-security.com\/site\/author\/leandro\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"TalSoft - Seguridad Inform\u00e1tica Empresarial - Conectar Sites de Active Directory por VPN","description":"Talsoft transforma la visi\u00f3n de las empresas para que puedan proteger su informaci\u00f3n cr\u00edtica y confidencial frente ataques inform\u00e1ticos. Cons\u00faltenos sin cargo.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.talsoft-security.com\/site\/conectar-sites-de-active-directory-por-vpn\/","twitter_misc":{"Written by":"Leandro Ferrari","Estimated reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.talsoft-security.com\/site\/conectar-sites-de-active-directory-por-vpn\/#article","isPartOf":{"@id":"https:\/\/www.talsoft-security.com\/site\/conectar-sites-de-active-directory-por-vpn\/"},"author":{"name":"Leandro Ferrari","@id":"https:\/\/www.talsoft-security.com\/site\/#\/schema\/person\/83d2ebde035a5a030c14e522351953c8"},"headline":"Conectar Sites de Active Directory por VPN","datePublished":"2007-09-25T15:15:26+00:00","dateModified":"2007-09-29T15:17:23+00:00","mainEntityOfPage":{"@id":"https:\/\/www.talsoft-security.com\/site\/conectar-sites-de-active-directory-por-vpn\/"},"wordCount":187,"publisher":{"@id":"https:\/\/www.talsoft-security.com\/site\/#organization"},"articleSection":["Personales","Profesional"],"inLanguage":"en-GB"},{"@type":"WebPage","@id":"https:\/\/www.talsoft-security.com\/site\/conectar-sites-de-active-directory-por-vpn\/","url":"https:\/\/www.talsoft-security.com\/site\/conectar-sites-de-active-directory-por-vpn\/","name":"TalSoft - Seguridad Inform\u00e1tica Empresarial - Conectar Sites de Active Directory por VPN","isPartOf":{"@id":"https:\/\/www.talsoft-security.com\/site\/#website"},"datePublished":"2007-09-25T15:15:26+00:00","dateModified":"2007-09-29T15:17:23+00:00","description":"Talsoft transforma la visi\u00f3n de las empresas para que puedan proteger su informaci\u00f3n cr\u00edtica y confidencial frente ataques inform\u00e1ticos. Cons\u00faltenos sin cargo.","inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.talsoft-security.com\/site\/conectar-sites-de-active-directory-por-vpn\/"]}]},{"@type":"WebSite","@id":"https:\/\/www.talsoft-security.com\/site\/#website","url":"https:\/\/www.talsoft-security.com\/site\/","name":"TalSoft TS - Services IT Security","description":"Talsoft is transforming awareness, control and decision-making power so that companies can protect their critical and confidential information from computer attacks.","publisher":{"@id":"https:\/\/www.talsoft-security.com\/site\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.talsoft-security.com\/site\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Organization","@id":"https:\/\/www.talsoft-security.com\/site\/#organization","name":"Talsoft TS","url":"https:\/\/www.talsoft-security.com\/site\/","logo":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.talsoft-security.com\/site\/#\/schema\/logo\/image\/","url":"https:\/\/www.talsoft-security.com\/site\/wp-content\/uploads\/2014\/02\/talsoft_logo_270x125.png","contentUrl":"https:\/\/www.talsoft-security.com\/site\/wp-content\/uploads\/2014\/02\/talsoft_logo_270x125.png","width":270,"height":125,"caption":"Talsoft TS"},"image":{"@id":"https:\/\/www.talsoft-security.com\/site\/#\/schema\/logo\/image\/"},"sameAs":["http:\/\/www.facebook.com\/talsoftsrl","https:\/\/x.com\/talsoft"]},{"@type":"Person","@id":"https:\/\/www.talsoft-security.com\/site\/#\/schema\/person\/83d2ebde035a5a030c14e522351953c8","name":"Leandro Ferrari","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.talsoft-security.com\/site\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/cd259c10675b9fd302b2e6264231febeeeb3de578400cf8c91c6577e50a0d34a?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/cd259c10675b9fd302b2e6264231febeeeb3de578400cf8c91c6577e50a0d34a?s=96&d=mm&r=g","caption":"Leandro Ferrari"},"sameAs":["http:\/\/www.talsoft.com.ar","https:\/\/www.facebook.com\/talsoftsrl\/","https:\/\/x.com\/avatar_leandro"],"url":"https:\/\/www.talsoft-security.com\/site\/author\/leandro\/"}]}},"_links":{"self":[{"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/posts\/265","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/comments?post=265"}],"version-history":[{"count":0,"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/posts\/265\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/media?parent=265"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/categories?post=265"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.talsoft-security.com\/site\/wp-json\/wp\/v2\/tags?post=265"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}