Ivrnet
asked on
Problems authenticating to domain over the WAN via VPN
Here's the setup.
We have 2 physical locations, approximately 20 blocks apart, connected via a gateway to gateway VPN tunnel. VPN tunnel is connected and stable, and has been for months.
At Site A, I have a Sonicwall TZ170 router at 192.168.1.254. The internal LAN is 192.168.1.x. Windows Server 2003 domain controller is at Site A at 192.168.1.50. DC is also the DNS, and DHCP server, though all clients except those connecting wirelessly are using static IP's.
At Site B, I have a Linksys RV082 router at 192.168.10.1. The internal LAN is 192.168.10.x. Clients on this site are using static IP's. For their DNS information I have 192.168.1.50 and 192.168.10.1, in that order.
All computers at both locations are members of the domain. All users have a logon script, logon.bat, which deletes, then re-maps a couple of network drives, and maps 2 printers. In the last few days, I am having a number of issues.
1. Users at Site B sometimes get "domain is not available" when trying to log on. Will usually let them on after several tries or a reboot.
2. Users at Site B are sometimes not able to access the network drives. They receive "the system detected a possible attempt to compromise security make sure you can contact the server that authenticated you"
3. Intermittently not able to ping the DNS server by name. Pinging by IP works.
4. Intermittently not able to browse network folders by name.
5. Intermittently not able to authenticate to network folders, get "domain controller could not be contacted" message.
6. Intermittently get "An error occured while connecting to... the local device name is already in use. The connection has not been restored"
So, this all points to a DNS issue, obviously. What I'm wondering is how I should have my clients configured so I can eliminate these domain logon and shared folder issues. Also, should I set up the Linksys router at Site B to use the DNS from Site A? Currently it is using the ISP DNS. If I do this, will it affect the users internet access at Site B?
Thanks
We have 2 physical locations, approximately 20 blocks apart, connected via a gateway to gateway VPN tunnel. VPN tunnel is connected and stable, and has been for months.
At Site A, I have a Sonicwall TZ170 router at 192.168.1.254. The internal LAN is 192.168.1.x. Windows Server 2003 domain controller is at Site A at 192.168.1.50. DC is also the DNS, and DHCP server, though all clients except those connecting wirelessly are using static IP's.
At Site B, I have a Linksys RV082 router at 192.168.10.1. The internal LAN is 192.168.10.x. Clients on this site are using static IP's. For their DNS information I have 192.168.1.50 and 192.168.10.1, in that order.
All computers at both locations are members of the domain. All users have a logon script, logon.bat, which deletes, then re-maps a couple of network drives, and maps 2 printers. In the last few days, I am having a number of issues.
1. Users at Site B sometimes get "domain is not available" when trying to log on. Will usually let them on after several tries or a reboot.
2. Users at Site B are sometimes not able to access the network drives. They receive "the system detected a possible attempt to compromise security make sure you can contact the server that authenticated you"
3. Intermittently not able to ping the DNS server by name. Pinging by IP works.
4. Intermittently not able to browse network folders by name.
5. Intermittently not able to authenticate to network folders, get "domain controller could not be contacted" message.
6. Intermittently get "An error occured while connecting to... the local device name is already in use. The connection has not been restored"
So, this all points to a DNS issue, obviously. What I'm wondering is how I should have my clients configured so I can eliminate these domain logon and shared folder issues. Also, should I set up the Linksys router at Site B to use the DNS from Site A? Currently it is using the ISP DNS. If I do this, will it affect the users internet access at Site B?
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I will keep this question monitored for the next month or so. If you have any other problems let me know.
ASKER