Avatar of ellsworth2000
ellsworth2000
 asked on

How do I configure Group Policy so subnets different than the server can have functionality with RDC file/printer sharing

Good Day Experts,

I cannot use Remote desktop Connection, login scripts and cannot browse to my clients that are across a dedicated(fvs338 netgear VPN firewall) on a different subnet.  The Small Business Server is on 192.168.0.0 and vpn clients are on 192.168.1.0.  I made an adjust ment to the Group Policy for the SBS clients to allow port TCP 3389 to use RDC and yesterday it worked once and today I can't make it work at all.  

Could someone please advise on where this Group policy setting would be and details on how to modify it?  Or another potential cause of the issues I'm having.

Thanks Experts,

Ellsworth
Microsoft Server OSSBSVPN

Avatar of undefined
Last Comment
ellsworth2000

8/22/2022 - Mon
captaink118

Do you have your static routes setup for the offsite subnet?
ellsworth2000

ASKER
I don't think so. though when I had SBS 2000 setup with these VPN routers I could remote desktop to everyone on the network
ellsworth2000

ASKER
So I added static routes and that didn't seem to help
All of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck
captaink118

The static routes should be in the two routers.
At least that is how you would normally set it up.  The netgear firewall could be different.

In your NETGEAR ProSafe VPN Firewall FVS338 under "Network Configuration" in the last tab "Routing"
Do you have the static route set for your other network?  And when you log into the FV338 on the other side do you have the route to your side?

I hope that is not too confusing.
ellsworth2000

ASKER
Oh no that is quite clear and now that I've checked yes I do have that set up.
ellsworth2000

ASKER
The only way that I've found functionality with RDC to the remote clients is by turning off the SBS client Group Policy Firewall.
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
ellsworth2000

ASKER
ANd I also have the ability to share files but I still cannot get the login scripts to work.  IS there some kind of setting in group policy for logon scripts?
Tim_Jr

Can you ping the devices on the 192.168.1.0 network from the 192.168.0.0 network?
ellsworth2000

ASKER
yes
Your help has saved me hundreds of hours of internet surfing.
fblack61
ellsworth2000

ASKER
to and from
ASKER CERTIFIED SOLUTION
Tim_Jr

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
ellsworth2000

ASKER
I have the script in place and I have told Active directory to run it and when my clients on the same subnet as the SBS server logon they run the script.  But my SBS clients that are across our VPN on the other subnet fail to run the same script.
ellsworth2000

ASKER
And the reason i've been using active directory instead of GP is because certain users have to run different scripts.
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
ellsworth2000

ASKER
or is there a way to configure GP to do different scripts for each user?
Tim_Jr

Absolutely, you can do it per user with GP.

User Configuration \ Windows Settings \ Scripts (Logon/Logoff)
ellsworth2000

ASKER
What do I choose to edit from GP managment to do that per user?
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck
ellsworth2000

ASKER
Hey Tim the logon scripts just started working.  The script I'm using uses maps a drive and the path I had to that mapping was incorrect.  It works now.  As far as I can tell turning off the firewall for the Group Policy for SBS computers is what did it.

Thank you for all your help Tim and Captain,

Ellsworth