Site 2 Site VPN - Domain Authentication? 1

[beholder95]

I've successfully setup a Site 2 Site VPN (A Tz170 w/ standard OS connecting to a Pro 2040 w/ Enhanced).
I can hit the LAn on the Pro2040's side and all other subnets jsut fine (including the Domain Controller), but the machine on the VPN isn't authenticating with the Domain Controller - using a cached login. What am I doing wrong?

Thanks!
- Andy

 

[beholder95]

I got this part to work.. however can't see to get my companyweb to come up. Apparently all website access isn't going over the VPN, is there a way to make this happen?

I know in another post i said i wanted traffic to go over the vpn only for needed apps, but since they need access to our internal site i think i'll just have it all go over.

Thanks!
Andy

 

[SonicWALLInstructor]

Hi Andy,

If you are taking about going to your company web server that is behind the Sonicwall Firewall using the external public IP, you will need to make a DNS lookup back rule on the Firewall (if you are running enhanced)

Roger White CISSP, CISA, CISM, GSEC
Certified SonicWALL Instructor
Certified Security Architect and Auditor
Network Security Team
Invenio Technology
(212)244-4994 ext. 715
(917)326-0386

http://www.inveniotechnology.com

 

[beholder95]

OH, so you are saying i can create a DNS rule on the off-site sonicwall that will point all requests to company web to my public IP, then just change my setting to allow company web to be accessed via the IP?

 

[beholder95]

I got it to work, it turns out it was the IP Address Deny List in IIS on my server that was the issue. Since my group policy specified //companyweb as the homepage the DNS resolves it to my servers private IP, so my clients on the VPN can still get the companyweb and also use their bandwidth to surf outside websites - not pull all traffic through the VPN.

Thanks!
Andy