VPN network view
I have a client that is in TN, I'm in Miami.
I created a VPN via the routers, the VPN connected correctly and as far as the VPN all is working correctly.
I was able to join a user from my office in Miami to the Domain in TN via the VPN.
I can see the DFS root that the users on the TN domain get via a group policy, so as far as I can tell all is working correctly.
Now I installed a software that uses a db that is on a shared folder on the TN domain. When I click on the network icon to access shares on the domain I only see the workstations/ computers on my local domain,
how do I make it so that I can see the shares on the TN domain?
Thanks All
I created a VPN via the routers, the VPN connected correctly and as far as the VPN all is working correctly.
I was able to join a user from my office in Miami to the Domain in TN via the VPN.
I can see the DFS root that the users on the TN domain get via a group policy, so as far as I can tell all is working correctly.
Now I installed a software that uses a db that is on a shared folder on the TN domain. When I click on the network icon to access shares on the domain I only see the workstations/ computers on my local domain,
how do I make it so that I can see the shares on the TN domain?Thanks All
Efstratios Arvanitidis
Set the FQDN name under the DNS Suffix settings of your VPN adapter and try again. Revert with outcome.
like the above, if your connecting to a device not on your network u need to use the FQDN name.... servername.domain.com for example so it knows where to look.
cheers
cheers
ASKER
Ok
I understand what I have to do, but not sure exactly where to do it at. Can you please explain exactly where I will be putting tr FQDN. A pic would be great if possible.
Sorry to be a pain, it's my first time doing this.
Thank you very much guys.
I understand what I have to do, but not sure exactly where to do it at. Can you please explain exactly where I will be putting tr FQDN. A pic would be great if possible.
Sorry to be a pain, it's my first time doing this.
Thank you very much guys.
You should go to network adapters and locate the virtual adapter used for the V P N. Right click and choose properties. Locate the t c p/I p and edit it. go to t he DNS tab and add the FQDN in the suffixes field.
ASKER
Got it
I'll give it a try.
Let you know how it goes.
I'll give it a try.
Let you know how it goes.
ASKER
Just to make sure...
When you say go into the VPN adapert (NIC)
You mean the (NIC) of the workstation that I'm trying to connect to the share folder on the remote Domain, correct???
When you say go into the VPN adapert (NIC)
You mean the (NIC) of the workstation that I'm trying to connect to the share folder on the remote Domain, correct???
Either this or the virtual NIC used for the vpn from the remote PC
ASKER
OK
but not the NIC form the Server?
but not the NIC form the Server?
Not the server's
ASKER
ok,
I did the following
Went into the NIC of the comptuers that I joined to the TN domain
Added the FQDN in the DNS area
Still unable to see the shared folder on the TN Domain
The DNS that you see there is that of the TN Domain
What I'm I doing wrong?
I did the following
Went into the NIC of the comptuers that I joined to the TN domain
Added the FQDN in the DNS area
Still unable to see the shared folder on the TN DomainThe DNS that you see there is that of the TN Domain
What I'm I doing wrong?
From the screenshot you sent I think there is a mistake to the FQDN.
You wrote dc.nltn.local as the FQDN. I believe that "dc" from "dc.nltn.local" is the name of the domain controller and the domain name is "nltn.local". Please confirm. If this is not the case then leave it as is.
I suppose that you have properly set the permissions to the shared folder. Confirm.
Did you try to access the folder using the UNC path e.g. \\servername.nltn.local\sh
You wrote dc.nltn.local as the FQDN. I believe that "dc" from "dc.nltn.local" is the name of the domain controller and the domain name is "nltn.local". Please confirm. If this is not the case then leave it as is.
I suppose that you have properly set the permissions to the shared folder. Confirm.
Did you try to access the folder using the UNC path e.g. \\servername.nltn.local\sh
ASKER
Yes the Srv name is DC
The network none is nltn.local
And yes even get the DFS via a group policy and I can access his folder and other folders that the user has permission on
The network none is nltn.local
And yes even get the DFS via a group policy and I can access his folder and other folders that the user has permission on
OK since the FQDN is nltn.local you should change it under the suffixes field.
When you do so go to Start>Run> and try to access the share you need typing something like this: "\\fileservername.nltn.loc
Revert with outcome.
To make it more clear if the Shared Folder is named SharedData and is located on the DC server the UNC path should have been:
"\\dc.nltn.local\SharedDat
--------------------------
Since you said initially that you have successfully joined a remote user to the TN domain over VPN, another thing to consider would be, to configure the VPN connection to open before user logs into the computer. Thus a connection to your LAN would be in place when the user would ask for authentication from your AD. After successful logon the user would act as being a part of the LAN of the server and would be able to browse shares accordingly.
When you do so go to Start>Run> and try to access the share you need typing something like this: "\\fileservername.nltn.loc
Revert with outcome.
To make it more clear if the Shared Folder is named SharedData and is located on the DC server the UNC path should have been:
"\\dc.nltn.local\SharedDat
--------------------------
Since you said initially that you have successfully joined a remote user to the TN domain over VPN, another thing to consider would be, to configure the VPN connection to open before user logs into the computer. Thus a connection to your LAN would be in place when the user would ask for authentication from your AD. After successful logon the user would act as being a part of the LAN of the server and would be able to browse shares accordingly.
ASKER
The VPN is from Router to Router so it always on.
As for the FQDN I'm pretty sure the way I have it is correct. Unless I misunderstood u.
I loped it up (see blow)
A fully qualified domain name (FQDN) is the complete domain name for a specific computer, or host, on the Internet. The FQDN consists of two parts: the hostname and the domain name. For example, an FQDN for a hypothetical mail server might be mymail.somecollege.edu. The hostname is mymail, and the host is located within the domain somecollege.edu.
As for the FQDN I'm pretty sure the way I have it is correct. Unless I misunderstood u.
I loped it up (see blow)
A fully qualified domain name (FQDN) is the complete domain name for a specific computer, or host, on the Internet. The FQDN consists of two parts: the hostname and the domain name. For example, an FQDN for a hypothetical mail server might be mymail.somecollege.edu. The hostname is mymail, and the host is located within the domain somecollege.edu.
Yes the FQDN of a device is the devicename.domainame
I mis-expressed myself.
What you actually need is the suffix (as it is also stated) that will be added after the device name so that you have the FQDN of the device.
So since you have an IPSEC VPN tunnel always on you should somehow authenticate your users to your DC. How do you do that?
I mis-expressed myself.
What you actually need is the suffix (as it is also stated) that will be added after the device name so that you have the FQDN of the device.
So since you have an IPSEC VPN tunnel always on you should somehow authenticate your users to your DC. How do you do that?
ASKER
active directory is used for auth
So I should change the suffix to
nltn.local?
So I should change the suffix to
nltn.local?
ASKER
Ok
I'll try that as soon as I get to office.
Thanks
I'll try that as soon as I get to office.
Thanks
ASKER
I still can't view the share drive, but I can have have always been able to get to it via its UNC.
any other ideas?
any other ideas?
What about creating a Map Drive to the Shared Folder that you want to access which will reconnect each time the remote users logs on to the computer?
ASKER
same problem when I try to map a drive, I can only see the computer on my side, not the TN domain.
When mapping a drive use manually the full UNC path to your shared folder. Don't try to browse for the computer and then the shared folder.
Capture.PNG
Capture.PNG
ASKER
so is it a normal thing not to be able to browse for a shared folder via a VPN connection?
ASKER
Well I can map a drive if I put the UNC path...
Can you please confirm if the remote user is using a Domain Account to log on to his computer? Has his computer been added to the AD?
If not then it's rational not to be able to see other computers of the remote network since he doesn't belong to the same domain.
If not then it's rational not to be able to see other computers of the remote network since he doesn't belong to the same domain.
ASKER
yes the remote user is a member of the TN domain.
like I explained before he even get's a DFS via a GPO that is assign to an OU which he is a member in.
like I explained before he even get's a DFS via a GPO that is assign to an OU which he is a member in.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I did check the FW... all seems correct.
I do agree with you about the map drive.
Thank you very much for all of your help and suggestions.
I do agree with you about the map drive.
Thank you very much for all of your help and suggestions.