Re: Roaming Boundaries and VPN

Tech-Archive recommends: Speed Up your PC by fixing your registry

---

• From: "Kim Oppalfens [MVP]" <""Kim dot Oppalfens\"@google mail.com">
• Date: Mon, 25 Jun 2007 10:19:48 +0200

---

Bill Bradley wrote:

I'm a little confused about how to correctly setup Roaming Boundaries.

I'm one of about 175 Primary sites, each one being an ADS sites, and, having its own IP subnet or fractional subnet assigned.

Each site could have laptops assigned, that will be lent out, and, connect back in via Cisco VPN Client, but, the possible subnets (4) that could be used for this connection are the same are not unique to each of the 175 sites. In other words, laptops from multiple sites will connect in via the same 4 subnets, even though they are not actual clients of MY site.

As I've noticed that on all laptops that are not physically on my LAN, but connect in via VPN, have Advertisements in a "WAITING" status, I assume I need to configure the Roaming Boundaries of my site, but...am concerned about the laptops belonging to the other sites--I want to ignore them, and only impact MY laptops.

Do I simply add in the VPN subnets as Roaming Boundaries, and, this will work, or, is something else required to ensure that only MY laptops are impacted?

I would consider my Distribution Servers as Remote for these subnets, since they've connecting at relatively low speed.

Thanks!

You can't add them to your site, if one of the 174 other sites does the same then you have overlapping boundaries, which is unsupported and generates unpredictable results.

The way to resolve this is to have the 4 subnets added to the sms site in the location where the vpn server/endpoint is located.

--
"Everyone is an expert at something"
Kim Oppalfens - Sms Expert for lack of any other expertise
Windows Server System MVP - SMS
http://www.blogcastrepository.com/blogs/kim_oppalfenss_systems_management_ideas/default.aspx
.

---

• Prev by Date: Re: sms 2003 advance clients in different AD forest ?
• Next by Date: Re: Secondary Site - Publish Roaming Boandary Information to AD
• Previous by thread: Re: sms 2003 advance clients in different AD forest ?
• Next by thread: Re: Secondary Site - Publish Roaming Boandary Information to AD
• Index(es):
  • Date
  • Thread

---

Relevant Pages Site Assignment for VPN-Remote Advanced Clients ... I have a SMS 2003 SP1 structure, Active Directory in Windows Server 2003 ... with boundaries configured for the LAN IP subnets. ... boundaries, which is why I defined them with IP subnets rather than AD name. ... VPN to connect. ... (microsoft.public.sms.setup) Re: Domains vs. Workgroups ... I recently ran into a situation where laptops joined to a domain ... are allocated to the local accounts on the workgroup computers. ... be more for convenience than for security. ... Subnets - if you have routes ... (microsoft.public.win2000.networking) Re: Preventing Users who travel from switching SMS sites ... All of the VLAN subnets for Corp HQ are in one AD site, ... If the SMS client is not supposed to move from site to site, ... within the site boundaries of Primary1. ... The clients are XP SP2 mostly. ... (microsoft.public.sms.admin) Re: Clients retrieving wrong MP from AD ... I have AD sites in SMS Site Boundries and no subnets defined. ... you are using AD sites as your target in SMS Site Boundaries (or Roaming ... Unpredictable means the client uses the alphabetically lowest site as ... (microsoft.public.sms.admin) Re: networking / vpn / dhcp question ... I would recommend keeping as much of that independence as best ... Don't make them hopelessly dependent on a VPN link that by nature ... any other router that is between two subnets. ... Connecting to that server is ... (microsoft.public.win2000.networking)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > SMS  > microsoft.public.sms.setup  > 2007-06