I have two AD/DS servers set up, one in Birmingham and one in Tewkesbury. I can replicate the domain using VPN (hosted on the Birmingham side) but when I connect, I don't get local network access, therefore the server is made useless. I get remote network access, which is what allows me to synchronise, but no users can login or access the files on this server.
How can I get it so the server in Tewkesbury is connected to Birmingham via VPN (to replicate) but doesn't lose its local network access (which allows people to log in etc.), and keeps the remote access?
Thanks for posting here.
Are both sites in the same subnet? I suspect that you may have selected the “Use default gateway on remote network” option in the VPN connection properties if you are using Windows built-in remote connections. All outbound system traffic will be routed to the VPN interface because a default route entry will be added after the VPN is established. You can verify that by checking the “route print” result:
Configure Routing on a VPN Client
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
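The "route print" check suggested in the reply above, as an added example that is not part of the original thread: a small Python parser that reads the IPv4 Active Routes table and reports which interface wins for off-site traffic. The sample output and all addresses (192.168.1.10 for the LAN, 10.0.0.50 for the VPN, 203.0.113.1 as an off-site destination) are constructed for illustration.

```python
import ipaddress

# Constructed sample of `route print -4` output (addresses are made up):
# 192.168.1.10 is the server's LAN address, 10.0.0.50 the VPN-assigned one.
SAMPLE = """\
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.10   4250
          0.0.0.0          0.0.0.0          On-link        10.0.0.50     26
        10.0.0.50  255.255.255.255          On-link        10.0.0.50    281
      192.168.1.0    255.255.255.0          On-link     192.168.1.10   4506
===========================================================================
Persistent Routes:
  None
"""

def active_routes(text):
    """Return (network, gateway, interface, metric) tuples from Active Routes."""
    routes, in_table = [], False
    for line in text.splitlines():
        if line.startswith("Active Routes"):
            in_table = True
        elif line.startswith("=") or line.startswith("Persistent"):
            in_table = False
        elif in_table:
            f = line.split()
            # Data rows have exactly five columns ending in a numeric metric;
            # the column-header row does not and is skipped.
            if len(f) == 5 and f[4].isdigit():
                net = ipaddress.ip_network(f"{f[0]}/{f[1]}", strict=False)
                routes.append((net, f[2], f[3], int(f[4])))
    return routes

def egress_interface(routes, dest):
    """Interface address of the winning route: longest prefix, then lowest metric."""
    dest = ipaddress.ip_address(dest)
    hits = [r for r in routes if dest in r[0]]
    if not hits:
        return None
    return min(hits, key=lambda r: (-r[0].prefixlen, r[3]))[2]

def vpn_is_default_gateway(text, vpn_ip, offsite="203.0.113.1"):
    """True when traffic to an off-site address leaves via the VPN interface."""
    return egress_interface(active_routes(text), offsite) == vpn_ip

if __name__ == "__main__":
    print("VPN owns the default route:", vpn_is_default_gateway(SAMPLE, "10.0.0.50"))
```

Paste the server's own `route print` output in place of `SAMPLE` and pass the address the VPN assigned to it.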
What VPN are you using: PPTP, L2TP, client-to-site, site-to-site?
What equipment do you use to connect (Router, Firewall, RRAS) the two offices. Do the domain controllers hold other roles besides DNS? If the server is both a RRAS and a Domain Controller then that makes it a multihomed DC which is not a recommended configuration nor a supported one by Microsoft.
"I get remote network access, which is what allows me to synchronise, but no users can login or access the files on this server."
While connected through the VPN, does name resolution function? If you ping servername, does it respond? How about when you ping the FQDN servername.domain.local? - Make sure you set the primary DNS address of the target.
Please provide more information regarding the network topology of your environment. What servers and routers are there in each office, and how are they configured?
Can you ping the server?
You need to make sure that only ONE site is issuing DHCP, for example if you choose your main site it must issue DHCP as per the following:
IP Address: next available in DHCP Pool (On Same Range as Server etc)
Subnet: Same as Server
Gateway: Primary router IP at Main site
Primary DNS: Main DNS server OR AD Server IP address
Secondary DNS: ISP DNS Address OR Dedicated Internal DNS server which is configured for Internet Zones.
At the remote (non-main) site, ensure that DHCP is turned off and that the DHCP pass-thru is occurring from the main site.
If you find my information useful, please rate it. :-)
- Proposed as answer by netengineer.kamal Monday, March 12, 2012 9:04 AM