Domains connections over VPN's

I am having problems with getting my domain fully functional over our VPN's in certain locations. I have the DNS server running on the Domain controller machine and I then manually enter DNS (sometimes WINS) on the machines over the VPN tunnel to the DNS server (manual entry) and the machine for WINS (which it is also running). I can see the machine and join the domain but it won't apply the policies in some locations. I believe it has something to do with the VPN routers - blocking certain types of traffic but I am not sure. The routers are Linksys RV042's and the main router (which is the gateway VPN) is a netgear vpn prosafe firewall router. I have been fumbling around now trying to get this fully functioning and I keep running into probs in certain locations.

Is there better vpn routers I should be using to simplify this process? Cisco? I am worried of the Linksys and Netgear tunnels going down (which has happened before).

We have 7 offices with 15-20 clients at each - all on T1s.  I really need to know the best way to get my domain working in the most efficient way. I want to have it only accessed through the VPN at our offices (for secure purposes).

If anyone has any suggestions I would really greatly appreciate!!

Thank you,

- cparent
cparent05Asked:
Who is Participating?
 
feptiasCommented:
Hi cparent

That's quite a big question you're asking and some of it is too tricky to comment on without seeing diagrams and knowing a lot more detail about what your clients need and where your servers are located and what they do etc. However, I can make a few comments that might be of interest/help:

Reliabilty of site-to-site VPN routers: I used some low cost Netgear Prosafes for a client and eventually had to swap them out for something more serious (SonicWalls) because the reliabilty was just not good enough. The Netgears looked great value, but they would lock up about every 30 days and needed a power cycle to reset them. I have no experience of Linksys but generally you get what you pay for.

If your WAN connections are "intermittent" you might want to consider putting a domain controller server at each branch office - with 15-20 clients at each this could probably be justified (just). Windows Server 2003 is good in this situation because it can be configured with knowledge of sites and the links between them. Domain information replicates automatically in the background. It also uses its knowledge of your network topology to ensure client PC's talk to the local DC when it is available.

Hope this helps.
0
 
cparent05Author Commented:
This is good advice. I think I will keep a log now of probs requiring a hard reset of the base router. I have not had to yet but it may happen in the future. I may end up actually setting up domain controllers at each location. My only prob or concern would be that it may be a little redundant to have each location with its own server. The good thing about this though would be that IF the internet or vpn went down it would still have server access and server mapped drives etc.


Thanks for comment and suggestions!

-cparent
0
 
feptiasCommented:
If users want to access the server for file shares as well as login authentication, then you should look at Distributed File Services and File Replication (again this is in Server 2003 for sure and might be in 2000). This allows automated replication of shares across servers so would allow work to continue even if the vpn link was down. It is not suitable for files that are being constantly changed and updated, but is great for shared files that don't change often or only get changed by one "master" user.

Good luck with the project.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.