No local access when VPN is connected
-
Saturday, June 11, 2011 3:36 PM
Hi guys,
I have two AD/DS servers set up, one in Birmingham and one in Tewkesbury. I can replicate the domain using VPN (hosted on the Birmingham side) but when I connect, I don't get local network access, therefore the server is made useless. I get remote network access, which is what allows me to synchronise, but no users can login or access the files on this server.
How can I get it so the server in Tewkesbury is connected to Birmingham via VPN (to replicate) but doesn't lose its local network access (which allows people to login etc.), and keeps the remote access?
Thanks,
Ben
All Replies
-
Monday, June 13, 2011 8:28 AM Moderator
Hi Ben,
Thanks for posting here.
Are both sites in the same subnet? I suspect that you may have selected the “Use default gateway on remote network” option in the VPN connection properties if you are using Windows built-in remote connections. All outbound system traffic will be routed to the VPN interface because a default route entry will be added after the VPN is established. You can verify that by checking the “route print” result:
Configure Routing on a VPN Client
http://technet.microsoft.com/en-us/library/ff687859(WS.10).aspx
Thanks.
Tiger Li
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
- Marked As Answer by Tiger Li (Moderator) Monday, June 20, 2011 1:59 AM
- Unmarked As Answer by Ben Freke Friday, June 24, 2011 10:28 AM
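The "route print" check suggested in the reply above, as an added example that is not part of the original thread: a Python sketch that parses the IPv4 "Active Routes" rows and reports which interface holds the lowest-metric default route, and which non-host prefixes are claimed by more than one interface (as can happen when both sites use the same subnet). The sample output, addresses and function names are constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample of `route print -4` rows (not taken from the thread):
# LAN NIC 192.168.1.10, VPN adapter 192.168.1.200 in the same /24.
SAMPLE = """\
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.10     25
          0.0.0.0          0.0.0.0         On-link     192.168.1.200     11
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.10    281
      192.168.1.0    255.255.255.0         On-link     192.168.1.200     36
     192.168.1.10  255.255.255.255         On-link      192.168.1.10    281
"""

# destination, netmask, gateway (IP or "On-link"), interface IP, metric
ROW = re.compile(r"^\s*([\d.]+)\s+([\d.]+)\s+(\S+)\s+([\d.]+)\s+(\d+)\s*$")

def parse_routes(text):
    """Return (network, gateway, interface, metric) for each active-route row."""
    routes = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            dest, mask, gw, iface, metric = m.groups()
            net = ipaddress.ip_network(f"{dest}/{mask}", strict=False)
            routes.append((net, gw, iface, int(metric)))
    return routes

def default_route_owner(routes):
    """Interface of the lowest-metric 0.0.0.0/0 route, or None if there is none."""
    defaults = [r for r in routes if r[0].prefixlen == 0]
    return min(defaults, key=lambda r: r[3])[2] if defaults else None

def contested_prefixes(routes):
    """Map each non-host prefix present on >1 interface to the interface that wins."""
    by_net = defaultdict(list)
    for net, _gw, iface, metric in routes:
        if 0 < net.prefixlen < 32 and not net.is_multicast:
            by_net[net].append((metric, iface))
    return {str(n): min(v)[1] for n, v in by_net.items()
            if len({i for _, i in v}) > 1}

if __name__ == "__main__":
    rt = parse_routes(SAMPLE)
    print("default route via:", default_route_owner(rt))
    print("contested prefixes:", contested_prefixes(rt))
```

If the reported interface is the VPN adapter's address rather than the LAN NIC's, traffic for that prefix leaves through the tunnel, which matches the "no local access" symptom.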
-
Friday, June 24, 2011 10:21 AM
They are both on the same subnet and "Use default gateway on remote network" is not selected. Is there anywhere I can get the exact procedure for Domain Replication over VPN?
Many thanks,
Ben
-
Saturday, December 31, 2011 12:38 AM
Hi Ben,
What VPN are you using: PPTP, L2TP, client to site, site to site?
What equipment do you use to connect (Router, Firewall, RRAS) the two offices? Do the domain controllers hold other roles besides DNS? If the server is both a RRAS and a Domain Controller then that makes it a multihomed DC which is not a recommended configuration nor a supported one by Microsoft.
"I get remote network access, which is what allows me to synchronise, but no users can login or access the files on this server."
While connected through the VPN does name resolution function? If you ping servername does it respond? How about when you ping the FQDN servername.domain.local? - Make sure you set the primary DNS address of the target.
Please provide more information regarding the network topology of your environment. What servers and routers are there in each office and how are they configured?
MCTS
-
Friday, January 13, 2012 2:30 AM
Hi,
Can you ping the server?
You need to make sure that only ONE site is issuing DHCP, for example if you choose your main site it must issue DHCP as per the following:
IP Address: next available in DHCP Pool (On Same Range as Server etc)
Subnet: Same as Server
Gateway: Primary router IP at Main site
Primary DNS: Main DNS server OR AD Server IP address
Secondary DNS: ISP DNS Address OR Dedicated Internal DNS server which is configured for Internet Zones.
At the remote (non-main) site, ensure that DHCP is turned off and that the DHCP pass-thru is occurring from the main site.
Kind Regards,
Martin
If you find my information useful, please rate it. :-)
- Proposed As Answer by netengineer.kamal Monday, March 12, 2012 9:04 AM
-
Wednesday, February 01, 2012 10:27 AM
Check your IP address, and is the computer getting it from DHCP from the other site or the local site?

