Hi to all
I have a problem with an RODC and a perimeter network.
Here is my situation:
I've got network 192.168.1.0/24, which has two (2) writable domain controllers based on Windows 2008 R2.
I've created a second routable network, 172.16.0.0/24, which has one Read-Only Domain Controller.
Between the networks there is a firewall configured only for DNS TCP/UDP traffic and UDP 500 (IKE). I've created an IPsec tunnel between the WRDC and the RODC using Windows Firewall with Advanced Settings.
All of the domains and servers in both networks are working fine (replication, SMB, network time, DNS, etc.).
After that I wanted to create another perimeter network with only one server that will be connected to my corporate domain. So again, with Windows Firewall and UDP IPsec tunneling, I created a connection from my third network to my RODC. The third network is routable and its address space is 10.10.10.0/24.
Again: I can ping the RODC from the third network, and using Offline Domain Join I added a Windows 2008 R2 server to the corporate domain (the pre-created account is replicated to the RODC).
When I reboot the server I can't log in with my domain credentials. The IPsec tunnel to the RODC is working fine from 10.10.10.0 to the RODC and from the RODC to the WRDC.
I've created AD site links and subnets to point to the RODC, but again nothing is working. If I join servers to the RODC network they work fine and authenticate correctly. The only problem is that I can't authenticate to the RODC from the 3rd network.
Any ideas?
BTW: the IPsec tunnel is configured for now with pre-shared keys. No one should connect directly to the WRDC. Every server should be in a separate network with a limited set of open firewall ports.
I can provide a diagram for a better understanding of my situation.