Hey guys/gals, I have a dilemma here. I'm not real familiar with vpn's as the company I work for isn't that big yet, but we're getting there. We have just opend up another location and I have bother routers talking to each other via a vpn tunnel. At the corp. office, we are running AD with dns and wins. Now, if the manager brings his laptop from the corp office to the new location to work from, should they be able to plug in and logon like they were at the corp office? Or, would I still need to setup rras and utilize the windows vpn software for them to connect?
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations biv343 on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Is rras still required even if you have a tunnel established?
- Thread starter ravenray
- Start date
Sorry...I don't know too much about this particular config but I believe I know enough about how AD and Remote Access work to help you down the road to answering your own question.
Microsoft defines Remote Access as follows: After the client has been identified and authorized, access to the network can be limited to specific servers, subnets, and protocol types, depending on the remote access profile of the client. Otherwise, all services typically available to a user connected to a local area network (including file and print sharing, Web server access, and messaging) are enabled by means of the remote access connection.
So...a Remote Access connection simply means that you're pulling IP info as if you were physically connected to the corporate office...is this the case when you pull IP info in the remote environment? AD will be available to networks you specify in the AD Sites and Services "Inter-site Transports" I believe; so as long as the DHCP server handling requests for the remote site assigns IP information that falls within one of AD's known networks and the clients have a route to the DCs back at corporate through the router I believe this will work as desired. Perhaps someone more knowledgable than I could give you a more definitive answer on this...good luck!
Microsoft defines Remote Access as follows: After the client has been identified and authorized, access to the network can be limited to specific servers, subnets, and protocol types, depending on the remote access profile of the client. Otherwise, all services typically available to a user connected to a local area network (including file and print sharing, Web server access, and messaging) are enabled by means of the remote access connection.
So...a Remote Access connection simply means that you're pulling IP info as if you were physically connected to the corporate office...is this the case when you pull IP info in the remote environment? AD will be available to networks you specify in the AD Sites and Services "Inter-site Transports" I believe; so as long as the DHCP server handling requests for the remote site assigns IP information that falls within one of AD's known networks and the clients have a route to the DCs back at corporate through the router I believe this will work as desired. Perhaps someone more knowledgable than I could give you a more definitive answer on this...good luck!
- Thread starter
- #3
Actually, you know what. I actually figured it out. LOL! I can't I believe I missed this small detail. At the corp office, we are running a befsx41 router. At the remote location, we are running a 3cr860-95 router. Apparently, when you plug into the linksys (if you have it setup for dhcp) gives you all your info. Ip, DNS, WINS,...etc. Any ways, on the 3com, it gives you almost all info. The funny thing is that, in the dns section, it only gives you one primary dns. Where's the linksys show you a primary, a secondary and even a third one (if you configured it).
So basically, after doin an ipconfig /all on my system at the remote site, I only notice one dns. So I went into the network adapter and add my domain as the primary dns. Did a release and renew, and BAM, it changed it. So now, I setup my system to talk to the domain controller and lord and behold, my system found it. I took the managers laptop and put that dns in as well, it logged in as though they were there at the corp office.
I knew there was something fishy about that 3com router that kept on nagging at me about the dns.
So basically, after doin an ipconfig /all on my system at the remote site, I only notice one dns. So I went into the network adapter and add my domain as the primary dns. Did a release and renew, and BAM, it changed it. So now, I setup my system to talk to the domain controller and lord and behold, my system found it. I took the managers laptop and put that dns in as well, it logged in as though they were there at the corp office.
I knew there was something fishy about that 3com router that kept on nagging at me about the dns.
Yeah DNS is key for AD operation. Depending on the link it might be a good idea to set up a DC in the remote office if you get slow logons...you also might want to streamline DHCP services by using MS DHCP to have your sites nicely organized and centrally managed - the Linksys isn't going to give you the management options for DHCP that MS will; you might be interested in making things easier on yourself as the company grows. DHCP is less of an issue at the remote site than the domain controller would be so DHCP could be run on a server at the corp office or possibly on a DC/File+Print/DFS Server kept locally at the remote site should you decide it's needed.
- Status
Similar threads
- Locked
- Solved
- Locked
- Question
- Locked
- Question