Group Policy over BOVPN

[Acydman]

I have created a WAN using watchguard BOVPN on IPSEC, set up the lmhosts to enable the users to log onto the domain. But Group Policy is not being enforced?

I'd like to enforce the group policy throughout the WAN. Does anyoe have any tips?

 

[lhuegele]

Set-up a domain controller at your remote office and let all of your clients there get policy updates from it.

Good luck,

 

[Acydman]

Hey I'd love to but we don't have the budget for it some of these branches are only 4 staff. And we have over 15 branches.

 

[porkchopexpress]

You say that you setup lmhosts for name resolution can your clients not see a DNS server over the WAN?

You're going to have trouble with GP if the clients can't resolve the correct DNS records.

 

[Acydman]

I wanted to avoid setting the DNS servers as at HQ as I thought al IP traffic would be directed upto HQ and impact my bandwidth. Unless this is not the case then I'll go with setting the DNS servers at the HQ.

how can I check if the PC can see the DNS server?

 

[lhuegele]

They don't need to just see it, they need to have it set-up in their TCP/IP settings. You'll also want to make sure that port 53 is open over your VPN tunnel.

Good luck,

 

[porkchopexpress]

Take a look at these links and have a think if any of these issues apply to your situation.

ICMP Packet requirement

http://support.microsoft.com/kb/816045

Slow links

http://grouppolicy.editme.com/SlowLinks