In our data centre, on VMware ESXi 5, I have three virtual servers, as listed:
1. 2008 R2 read-only DC (RD1)
2. 2008 application server (App1)
3. 2003 web application server (App2)
I have the two app servers use the Cisco firewall in the data centre as their gateway and point their DNS to the RODC (RD1). This allows the network logins to work over the VPN from head office. I have static routes for 20 PCs to both app servers.
RD1 obviously points back to the DC at head office. If I don't use a static route from the app servers back to the head office DC, then logins are slow and the 2003 server has issues with Group Policy, and I end up with:
Logon rejected for domain\user. Unable to obtain Terminal Server User Configuration. Error: The RPC server is unavailable.
and, more worrying:
Windows cannot obtain the domain controller name for your computer network. (An unexpected network error occurred. ). Group Policy processing aborted.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.