• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 231
  • Last Modified:

Connecting Two 2003 win servers remotely

I have a server in office A and one in office B.  Both have static IP addresses and I can connect them with a VPN but they will not exchange files are update the users that are added on either through AD.  Server A sees Server B but will not do anything.  I had Server A and B on the same LAN setting them up at the same time and they would exchange info.  Anyone have any ideal?
0
permanentdawg82
Asked:
permanentdawg82
1 Solution
 
hutnorCommented:
You need to set up a VPN between the two offices with your routers over your internet connections. This will give you a secure WAN for the servers to "talk" in.

You may need to change the IP setting to point to the correct router at each location.

I assume office a and b are in complete different locations and not the same biulding because you say remote.
0
 
hkunnanaCommented:
You said, see each other while on different offices. What do you mean by "see". For full healthy domain you need to have many communication ports opened between the two servers, not only ping (if that is what you mean by see each other)
0
 
lnkevinCommented:
>> I can connect them with a VPN but they will not exchange files are update the users that are added on either through AD....

You need to create a secure tunnel instead of dial-in VPN. A secure tunnel in firewall of both locations will allow you transfer data in bi-directions.

If you have different ADs and domains, you also need to grant domain trust between them in AD.

K
0
Prep for the ITIL® Foundation Certification Exam

December’s Course of the Month is now available! Enroll to learn ITIL® Foundation best practices for delivering IT services effectively and efficiently.

 
permanentdawg82Author Commented:
They are part of the same domain and have the same AD besides adding an account here and there.  I figured out the problem, but then it creates another problem.  I set the DNS to server B to match that of server A on the LAN card and everything goes as planned.  The only problem now is all the workstations behind server B lose their internet connection when the VPN is up.  
0
 
lnkevinCommented:
If you set up a second DNS at server B, you may want to change your prefer DNS on all computers in location B pointing to that DNS.

K
0
 
lnkevinCommented:
You also need to create Global Catalog on the second DNS server (B).

K
0
 
permanentdawg82Author Commented:
I set the primary DNS to what the computers behind server B use and set the secondary DNS to what server A is.  The connection with the VPN is still good that way but kills the internet to the computers on that side still.  Could that have something to do with the Global Catalog you side to turn on.  I have not tried it yet because I would kill the other office right now I will have to wait till this evening to try when the office closes.  Just wondering if the Global Cat would fix it when turn on.
0
 
lnkevinCommented:
Global Catalog is a must in your secondary location in order to authenticate between the two offices with the same domain user info. Let's do that and keep me updated.

K
0
 
lnkevinCommented:
Again, did you set up site to site VPN? What are the VPN router HW?

In regarding to the Internet access, it's also related to the VPN router configuration. After establishing a VPN connection, you may not be able to access the Internet because the VPN takes over your existing connection and all traffic to use the VPN default gateway on the A network. The A network may not allow VPN clients to access the Internet via its gateway.

1)Make sure your default gateway ip is being used instead of just default gateway option in your VPN properties. If you don't need to access the entire VPN resources, disable the "use default gateway on remote network" option in the properties of the VPN connection
2) Edit route table manually if you know how to or check routing page on this web site.
3) For the security reason, some firewall/routers like Cisco PIX do not allow access the Internet after establishing the VPN and you cannot modify the routing table. You may setup split-tunnel.
4) Also, if you have proxy server set up in your domain, make sure the B office is using the the same proxy or at least configure its own proxy.

K
0
 
permanentdawg82Author Commented:
It is a site to site VPN set up.

Site A

Netopia 3342 modem/router
connected to WIN 2003 Server WAN port
LAN port from WIN 2003 Server to a unmanaged switch

Site B is the same exact layout

IP scheme for site A is 192.168.1.10 - 60
IP scheme for site B is 192.168.1.61 - 100

both have the same subnet  

DNS on the LAN side of A is 192.168.1.1
                           side of B is 192.168.1.2 and the alternate is 192.168.1.1

Does this help any
0
 
lnkevinCommented:
Yes, it does. At least we are on the same page. I believe you just didn't set up your VPN tunnel properly. Here is the guide: http://www.netopia.com/support/hardware/manuals/3342-52_SWUserGuideV733.pdf
Make sure you read the instruction starting on the bottom of page 83

Here is what you want to try in your B location. When you cannot browse Internet with the DNS name, can you try to browse google ip: 64.233.169.104?

If you can browse or ping google ip, your gateway is OK. If not, you may have issue with GW. (some router disable ping option so you may not ping but you can browse)

K
0
 
permanentdawg82Author Commented:
Sorry that was the wrong model its a 3347-02-1006.  I will check the manual on that one though.
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now