No local access when VPN is connected

    Question

  • Hi guys,

    I have two AD/DS servers set up, one in Birmingham and one in Tewkesbury. I can replicate the domain using VPN (hosted on the Birmingham side) but when I connect, I don't get local network access, therefore the server is made useless. I get remote network access, which is what allows me to synchronise, but no users can login or access the files on this server.

    How can I get it so the server in Tewkesbury is connected to Birmingham via VPN (to replicate) but doesn't lose its local network access (which allows people to login etc.), and keeps the remote access?

    Thanks,

    Ben

    Saturday, June 11, 2011 3:36 PM

All replies

  • Hi Ben,

     

    Thanks for posting here.

     

    Are both sites in the same subnet? I suspect that you may have selected the “Use default gateway on remote network” option in the VPN connection properties if you are using Windows built-in remote connections. All outbound system traffic will be routed to the VPN interface because a default route entry will be added after the VPN is established. You can verify that by checking the “route print” result:

     

    Configure Routing on a VPN Client

    http://technet.microsoft.com/en-us/library/ff687859(WS.10).aspx

     

    Thanks.

     

    Tiger Li


    • Marked as answer by Tiger Li Monday, June 20, 2011 1:59 AM
    • Unmarked as answer by Ben Freke Friday, June 24, 2011 10:28 AM
    Monday, June 13, 2011 8:28 AM
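
An added example, not part of the original thread: one way to read the `route print` result for the two conditions raised in the reply above, a default route that prefers the VPN interface and a local subnet that is also on-link on the VPN adapter because both sites share the same range. The sample table and all addresses are constructed assumptions, and the function names are hypothetical.

```python
import ipaddress

# Constructed excerpt of the IPv4 "Active Routes" table from `route print`.
# Assumed addressing (not from the thread): LAN NIC 192.168.1.10,
# VPN adapter 192.168.1.200, both sites using 192.168.1.0/24.
SAMPLE = """\
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.10     25
          0.0.0.0          0.0.0.0          On-link    192.168.1.200     11
      192.168.1.0    255.255.255.0          On-link     192.168.1.10    281
      192.168.1.0    255.255.255.0          On-link    192.168.1.200     11
"""

def parse_routes(text):
    """Return (network, interface, metric) tuples; skips headers and rulers."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 5 or not f[4].isdigit():
            continue
        try:
            net = ipaddress.ip_network(f"{f[0]}/{f[1]}")
        except ValueError:
            continue
        routes.append((net, f[3], int(f[4])))
    return routes

def egress(routes, dest):
    """Interface chosen for dest: longest prefix first, then lowest metric."""
    ip = ipaddress.ip_address(dest)
    matches = [r for r in routes if ip in r[0]]
    if not matches:
        return None
    return min(matches, key=lambda r: (-r[0].prefixlen, r[2]))[1]

def diagnose(routes, vpn_iface, local_host):
    """List the routing problems that would cut off the local network."""
    findings = []
    if egress(routes, "203.0.113.1") == vpn_iface:  # off-subnet test address
        findings.append("default route prefers the VPN interface")
    if egress(routes, local_host) == vpn_iface:
        findings.append("local subnet is routed over the VPN interface")
    return findings

if __name__ == "__main__":
    for finding in diagnose(parse_routes(SAMPLE), "192.168.1.200", "192.168.1.50"):
        print(finding)
```

With the constructed table both findings are reported; the second one can appear even when "Use default gateway on remote network" is cleared, because it comes from the overlapping subnet rather than from the default route.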
  • They are both on the same subnet and "Use default gateway on remote network" is not selected. Is there anywhere I can get the exact procedure for Domain Replication over VPN?

    Many thanks,

    Ben

    Friday, June 24, 2011 10:21 AM
  • Hi Ben,

    What VPN are you using: PPTP, L2TP, client-to-site, site-to-site?

    What equipment do you use to connect the two offices (router, firewall, RRAS)? Do the domain controllers hold other roles besides DNS? If the server is both a RRAS and a Domain Controller then that makes it a multihomed DC, which is not a recommended configuration nor a supported one by Microsoft.

    "I get remote network access, which is what allows me to synchronise, but no users can login or access the files on this server."

    While connected through the VPN, does name resolution function? If you ping servername, does it respond? How about when you ping the FQDN servername.domain.local? - Make sure you set the primary DNS address of the target.

    Please provide more information regarding the network topology of your environment. What servers and routers are there in each office and how are they configured?


    MCTS
    Saturday, December 31, 2011 12:38 AM
  • Hi,

    Can you ping the server?

    You need to make sure that only ONE site is issuing DHCP, for example if you choose your main site it must issue DHCP as per the following:

     

    IP Address: next available in DHCP Pool (On Same Range as Server etc)

    Subnet: Same as Server

    Gateway: Primary router IP at Main site

    Primary DNS: Main DNS server OR AD Server IP address

    Secondary DNS: ISP DNS Address OR Dedicated Internal DNS server which is configured for Internet Zones.

     

    At the remote (non-main) site, ensure that DHCP is turned off and that the DHCP pass-thru is occurring from the main site.

     

    Kind Regards,

    Martin

     


    Friday, January 13, 2012 2:30 AM
  • Check your IP address: is the computer getting it from DHCP at the other site or the local site?
    Wednesday, February 01, 2012 10:27 AM