Single Sub-Domain: VPN.domain.com to multiple sites?
Posted on 2012-09-06
This might be a stab in the dark, but curiousity gets the better of you.
I would like to just have one VPN subdomain:
That all user's of a Windows 2008 domain Nationally/organistation wide, use to connect externally to, regardless of which site they are from.
Of course this is possible, but my setup then involves site-to-site links within the organisation across the different sites. So yes, accessing every site is possible from the point of VPN access.
DNS requires, that this VPN.domain.com points to a single IP, or we can have more, but it will round-robin, there is no inteligence to this.
MY question is: Is there anyway we can accept the connection on vpn.domain.com, compare their access to a user/group in AD, and then make them reconnect to the correct IP for their region?
Can NAP do this? Sorry I'm new to NAP!
My thinking is to save bandwidth, by having users connect to the correct VPN for their region and saving us cross site bandwidth... Any ideas appreciated.