Link to home
Start Free TrialLog in
Avatar of ellsworth2000

asked on

How do I configure Group Policy so subnets different than the server can have functionality with RDC file/printer sharing

Good Day Experts,

I cannot use Remote desktop Connection, login scripts and cannot browse to my clients that are across a dedicated(fvs338 netgear VPN firewall) on a different subnet.  The Small Business Server is on and vpn clients are on  I made an adjust ment to the Group Policy for the SBS clients to allow port TCP 3389 to use RDC and yesterday it worked once and today I can't make it work at all.  

Could someone please advise on where this Group policy setting would be and details on how to modify it?  Or another potential cause of the issues I'm having.

Thanks Experts,

Avatar of captaink118
Flag of United States of America image

Do you have your static routes setup for the offsite subnet?
Avatar of ellsworth2000


I don't think so. though when I had SBS 2000 setup with these VPN routers I could remote desktop to everyone on the network
So I added static routes and that didn't seem to help
The static routes should be in the two routers.
At least that is how you would normally set it up.  The netgear firewall could be different.

In your NETGEAR ProSafe VPN Firewall FVS338 under "Network Configuration" in the last tab "Routing"
Do you have the static route set for your other network?  And when you log into the FV338 on the other side do you have the route to your side?

I hope that is not too confusing.
Oh no that is quite clear and now that I've checked yes I do have that set up.
The only way that I've found functionality with RDC to the remote clients is by turning off the SBS client Group Policy Firewall.
ANd I also have the ability to share files but I still cannot get the login scripts to work.  IS there some kind of setting in group policy for logon scripts?
Can you ping the devices on the network from the network?
to and from
Avatar of Tim_Jr

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
I have the script in place and I have told Active directory to run it and when my clients on the same subnet as the SBS server logon they run the script.  But my SBS clients that are across our VPN on the other subnet fail to run the same script.
And the reason i've been using active directory instead of GP is because certain users have to run different scripts.
or is there a way to configure GP to do different scripts for each user?
Absolutely, you can do it per user with GP.

User Configuration \ Windows Settings \ Scripts (Logon/Logoff)
What do I choose to edit from GP managment to do that per user?
Hey Tim the logon scripts just started working.  The script I'm using uses maps a drive and the path I had to that mapping was incorrect.  It works now.  As far as I can tell turning off the firewall for the Group Policy for SBS computers is what did it.

Thank you for all your help Tim and Captain,