Re: VPN and Domain
- From: "Paul" <paul@xxxxxxxxxxx>
- Date: Fri, 9 Dec 2005 20:31:16 -0500
Thanks for the input,
I have setup the VPN using 2 Linksys and it works fine
I can remote connect to the remote site (one of the computer at least, I've
set it up on static to help troublesooting) this same remote computer cannot
connect either to the server or the same winXP desktop I used to connect to
the remote site (ping times out). It looks like the firewall or something is
blocking one way but not the other...Makes sense?
I have tried to put in ISA some rules to let the connection thru but that
doesn't seem to work. Maybe the rule
If the VPN is setup between the 2 sites using Linksys, what would be the
'let through address' the remote VPN address with ISAfirewall: The remote
site range (192.168.1 to 192.168.1.254?) or should I use the static address
of the remote internet connection...I'm getting lost, I have tried both.
If the remote site wants to connect to the domain, I guess the DHCP server
on at the main office needs to give IP's to the remote site? I have tried
that and when I do this (creating a remote network range) then I cannot ping
the remote computer.
SBS uses 2 NIC's, internal and external. Do I need to uninstall ISA or
'bridge' the external and internal NIC's or totally bypass the firewall for
this to work?
I"m getting a little lost.
Thanks for the basics, I'm trying but hitting a wall with my head (it hurts)
Another DCcould work, but costs! and then replication is not very often and
I need almost instantaneous becaude of an accounting/invoicing system. The
way it was set is that some users on the remote RDP'd to a dedicated
computer at the main office wich was on the main office network and that
worked fine. Now I have to bypass the firewall or use only one NIC on the
server.
HELP!
"Jim Behning SBS MVP" <jimbehing@xxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:tn0jp118r6vqhjftj0qm73efk6cuctm6q2@xxxxxxxxxx
> You do not need any DC at a remote site. I have plenty of accounts
> with satellite offices that work just fine with no additional DCs.
> Everything they want and need is at the main office so no DC is wanted
> or desired.
>
> They also join the domain without issue using the old fashion way of
> joining the domain. Make your vpn connection. Right click My
> Computer/name and join from there.
>
> v-chayan@xxxxxxxxxxxxxxxxxxxx ("Charles Yang [MSFT]") wrote:
>
>>HI All,
>>
>>Thanks for updates.
>>
>>As I know, if you do not want to deploy additional DC on the remote site,
>>you can use the site to site VPN to remote logon to SBS domain. You need
>>to
>>use connectcomputer wizard to join to the SBS domain, but as I know you
>>might have to connect the client computer to SBS domain directly if you
>>want to join to SBS domain. The connect computer wizard only allow to join
>>the local network client, it is not allow to join the VPN client.
>>
>>That why I suggest you deploy an additional DC on remote site, it will be
>>more convenient to manager PC on remote site.
>>
>>Hope the above information helpful.
>>
>>
>>
>>Best regards,
>>
>>Charles Yang (MSFT)
>>
>>Microsoft CSS Online Newsgroup Support
>>
>>Get Secure! - www.microsoft.com/security
>>
>>======================================================
>>This newsgroup only focuses on SBS technical issues. If you have issues
>>regarding other Microsoft products, you'd better post in the corresponding
>>newsgroups so that they can be resolved in an efficient and timely manner.
>>You can locate the newsgroup here:
>>http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
>>
>>When opening a new thread via the web interface, we recommend you check
>>the
>>"Notify me of replies" box to receive e-mail notifications when there are
>>any updates in your thread. When responding to posts via your newsreader,
>>please "Reply to Group" so that others may learn and benefit from your
>>issue.
>>
>>Microsoft engineers can only focus on one issue per thread. Although we
>>provide other information for your reference, we recommend you post
>>different incidents in different threads to keep the thread clean. In
>>doing
>>so, it will ensure your issues are resolved in a timely manner.
>>
>>For urgent issues, you may want to contact Microsoft CSS directly. Please
>>check http://support.microsoft.com for regional support phone numbers.
>>
>>Any input or comments in this thread are highly appreciated.
>>======================================================
>>This posting is provided "AS IS" with no warranties, and confers no
>>rights.
>>
>>
>>=====================================================
>>When responding to posts, please "Reply to Group" via your newsreader so
>>that others may learn and benefit from your issue.
>>=====================================================
>>
>>This posting is provided "AS IS" with no warranties, and confers no
>>rights.
>>
>>--------------------
>>| From: Jim Behning SBS MVP<jimbehing@xxxxxxxxxxxxxxxxxxxxxxx>
>>| Newsgroups: microsoft.public.windows.server.sbs
>>| Subject: Re: VPN and Domain
>>| Organization: MindSpring Enterprises, Inc.
>>| Reply-To: jimbehning@xxxxxxxxxxxxxxxxxxxxxxxxx
>>| Message-ID: <i93ip19tpk3c4n9r6ku0v6jcjdefboo946@xxxxxxx>
>>| References: <eT7WaFF$FHA.1028@xxxxxxxxxxxxxxxxxxxx>
>>| X-Newsreader: Forte Free Agent 3.0/32.763
>>| MIME-Version: 1.0
>>| Content-Type: text/plain; charset=us-ascii
>>| Content-Transfer-Encoding: 7bit
>>| X-Antivirus: avast! (VPS 0549-3, 12/07/2005), Outbound message
>>| X-Antivirus-Status: Clean
>>| Lines: 28
>>| Date: Fri, 09 Dec 2005 04:56:51 GMT
>>| NNTP-Posting-Host: 66.32.248.222
>>| X-Complaints-To: abuse@xxxxxxxxxxxxx
>>| X-Trace: newsread3.news.atl.earthlink.net 1134104211 66.32.248.222 (Thu,
>>08 Dec 2005 20:56:51 PST)
>>| NNTP-Posting-Date: Thu, 08 Dec 2005 20:56:51 PST
>>| Path:
>>TK2MSFTNGXA02.phx.gbl!TK2MSFTNGP08.phx.gbl!newsfeed00.sul.t-online.de!t-onli
>>ne.de!newshub.sdsu.edu!elnk-nf2-pas!newsfeed.earthlink.net!stamper.news.pas.
>>earthlink.net!stamper.news.atl.earthlink.net!newsread3.news.atl.earthlink.ne
>>t.POSTED!57968dc9!not-for-mail
>>| Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.windows.server.sbs:228949
>>| X-Tomcat-NG: microsoft.public.windows.server.sbs
>>|
>>| If I recall correctly I opened a command prompt at the SBS and type
>>| route add -p 192.168.1.0 mask 255.255.255.0 192.168.16.44. This
>>| assumes your vpn router at the main office is attached to a seperate
>>| static real world ip. This also assumes that yur ip scheme at the
>>| satelite office is 192.168.1.x. My office had multiple external ips.
>>| The SBS used one. The vpn router used another. I may have done some
>>| pptp vpn that may or may not be neccessary. I would have to take a
>>| clean non domain machine to that account to test.
>>|
>>| Can you ping the SBS from the satellite office? If so you could try to
>>| join the domain. I think I also set the dns of the satellite router to
>>| point to the SBS.
>>|
>>| "Paul" <paul@xxxxxxxxxxx> wrote:
>>|
>>| >I have created a site2site VPN using 2 Linksys BEFVP41 and works fine
>>| >joining the 2 networks
>>| >Now one of the sites has installed SBS 2003 to create a domain. Is it
>>| >possible to have the remote site (the one with only a Linksys and 7
>>users)
>>| >join the domain on the SBS? If so any special considerations? I've
>>tried
>>| >googling but there is so much to read and yet not much on this
>>| >configuration.
>>| >
>>| >Thanks to all
>>| >
>>| Jim B. SBS MVP
>>| I don't have much to say but it can be found here
>>| http://msmvps.com/bgb/
>>|
> Jim B. SBS MVP
> I don't have much to say but it can be found here
> http://msmvps.com/bgb/
.
- Follow-Ups:
- Re: VPN and Domain
- From: Jim Behning SBS MVP
- Re: VPN and Domain
- References:
- VPN and Domain
- From: Paul
- Re: VPN and Domain
- From: Jim Behning SBS MVP
- Re: VPN and Domain
- From: "Charles Yang [MSFT]"
- Re: VPN and Domain
- From: Jim Behning SBS MVP
- VPN and Domain
- Prev by Date: Re: Shadow Copy
- Next by Date: Re: Can not log into RWW
- Previous by thread: Re: VPN and Domain
- Next by thread: Re: VPN and Domain
- Index(es):
Relevant Pages
|
