Unable to connect to domain without VPN active

I am in the same physical office, on the same physical network, same subnet, etc...

I can ping the server by internal and external IP addresses, but I can only connect with mstsc /v:server_name if I connect to the VPN first. I also cannot find the domain controller when attempting to add a machine to the domain without first connecting to the VPN.

This is fine, except I can't log in without first connecting to the VPN either. Not so fine.

Server 2003 R2 and XP Pro
LVL 9
VampireofdarknessAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

VampireofdarknessAuthor Commented:
Also, nslookup -type=srv domain fails unless connected to VPN.
VampireofdarknessAuthor Commented:
I am also unable to connect to \\server_name without the VPN open.
Neil RussellTechnical Development LeadCommented:
Does your domain controller have Multiple NIC's installed by any chance?
Cloud as a Security Delivery Platform for MSSPs

Every Managed Security Service Provider (MSSP) needs a platform to deliver effective and efficient security-as-a-service to their customers. Scale, elasticity and profitability are a few of the many features that a Cloud platform offers. View our on-demand webinar to learn more!

VampireofdarknessAuthor Commented:
It does not. One NIC on 192.168.0.250.

RRAS shows Loopback, Local Area and Internal. Only dedicated has a device name.
IP Routing > General shows .240 and .250 for Local Area, 100 for Internal
VampireofdarknessAuthor Commented:
I don't know why 100 is assigned. I can't ping it without the VPN, so I'm assuming that's where the problem lies. .100 is not assigned in IP config as an additional address.
Neil RussellTechnical Development LeadCommented:
Neil RussellTechnical Development LeadCommented:
Basically RRAS should NEVER be installed and configured on your DC
VampireofdarknessAuthor Commented:
It works without RRAS; however, I know that RRAS works on a DC, as I have seen it previously.

We also need VPN access, as we have two sites. I could set another set up as RRAS I guess, but for 5 employees to get in it seems like a waste.
Neil RussellTechnical Development LeadCommented:
RRAS  CAN be made to work yes but you have to break lots of things that should be automatically configured by an AD server and configure them manually. The trouble it causes is imense and not worth the hastle.

http://forums.techarena.in/active-directory/1231884.htm

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
VampireofdarknessAuthor Commented:
Untested. Thanks for the link.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.