Tom's Guide | Tom's Hardware | Tom's Games
 |
 |
 |
Hello,
Hope someone can help.
I have 3 offices, connected by NETGEAR routers gateway to gateway VPN. this works fine i can ping from site to site no problem. Below is the current setup:
SiteA: ip range: 192.168.0.0-255
AD installed on 2 servers ( one exchange+DNS+DHCP and the other is a web application server )SiteB: IP range: 192.168.1.0-255
AD+DNS+DHCP installed on one serverSiteC: IP range 192.168.3.0-255
AD+DNS+DHCP installed on on server.ok, now when I setup a windows VPN PPTP to connect to SiteC (i has the best upload rate than the other sites and the hardware alows more than on PPTP) I cannot ping to other sites off SiteC. If i ping site A then it tries (gets the IP address) but then times out if i ping SiteB then it cant get the IP address and fails. I'm sure the answer is in the DNS setup of the network but I cant work out how it'd be best to go about this. Anyone have any ideas or link that maybe of help?
Many thanks,
Jimmy .
If you have site to site vpns why would you do MS vpn?
Each of these DCs, are they in the same forest or do you have 3 different forests?
0 
Thanks for your reply.
The Netgear Site to Site VPN link are used in the daytime, for replication, shareing etc.
The MS links i want to use for Remote users, what will connect to the network with laptops using GSM or their home DSL link into the network and use Aplications on all 3 sites when they connect into the network at SiteC
They are all in one forest.
0
Our remote users use the router vpn client to authenicate against the router which then assigns them a ip in the lan segment so they can access the server/apps/programs.
Are all ip segments listed under AD Sites and Services
0
Did you enable ping response? It should have been disabled by default.
"Best Practices", Event viewer, host file, perfmon, antivirus, anti-spyware, Live CD's, backups, are in my top 10
0
I'm very reluctant to go down the router VPN client link as i need to use the access permission with AD. also some laptops are connected to the domain controlers and use the dialin feature on the login screen.
Yes all ranges are in the Sites and Services.
The incomming connections are given IPs from the DHCP service.
0
They are set to respond to ping, The DC's are in seperate sites with interlinking setup correctly, I have DFS Replication setup between all sites.
0
our setup is that of the vpn client to a sonicwall vpn appliance which provides the first layer of authenication. We then launch a citrix session [you can do the same with just Terminal Server] and then logon to the domain which is the second layer of authenication.
This gives the remote user access to all sites in our corp lan/wan.
What you describe is not a dns issue. After all dns is replicated between sites and is common to all.
It would be how you are configuring RRAS vpn service. I seem to recall a choice between access just this server and access this server and the lan. You need the combo.
I wouldn't have anyone on dialup.
0  |
 |
 |
This post is quite old and has been locked from receiving new replies. Please create a new posting instead.
| Ads by Google |
