?
Solved

Active directory issue with remote office on site to site vpn (split)

Posted on 2012-09-07
4
Medium Priority
?
550 Views
Last Modified: 2012-09-23
Hello all,
I just set up a site to site VPN with a Cisco RV120 at a remote office.  I have an RV180 at the main office - these do not support a full tunnel - at least that is what the Cisco engineer told me-   so I can ping the lan router address and get a remote desktop connection to my server back at the main office, but my work stations can not see any shares or access an app.  I joined the domain before the desktops were deployed to the remote office.  I am new to this, but the Cisco guy told me I needed to tell the AD Server to respond to traffic from the remote office subnet.  I am not sure how to do that.  the main office is 192.168.200.0/24 and the remote is 192.168.1.0/24

I have read a number of the posts on this site and my remte office router is handling dhcp for the remote office using the isp dns.  Not sure if that matters...

any hep would be appreciated and I feel deep in the weeds here.

thanks
0
Comment
Question by:ValuedCustomer
  • 2
4 Comments
 
LVL 43

Accepted Solution

by:
Steve Knight earned 2000 total points
ID: 38379134
All clients should point at an ad server for their dns server.  As long as the. Domaiin members can see their ad servers using dns to resolve then they can logon and shoulld be able to access the resources on there.

So first off issue is to dish out dns server from main office rather than isp one.

Steve
0
 
LVL 5

Expert Comment

by:Kernel_Recovery_Tools
ID: 38382129
I have got two links for you. Try following these steps and see if the problem is solved:

http://tech.avivo.si/2009/07/a-listener-channel-for-protocol-http-in-worker-process-serving-application-pool-defaultapppool-reported-a-listener-channel-failure/

The second one is:
http://forums.asp.net/t/1705524.aspx/1
Let me know if you managed to fix them.
0
 
LVL 17

Expert Comment

by:aoakeley
ID: 38382662
>  so I can ping the lan router address and get a remote desktop connection to my server back at the main office
-- That sounds like a tunnel is up and running, so not sure what your cisco guy is on about

>  but my work stations can not see any shares or access an app.  I joined the domain before the desktops were deployed to the remote office
-- make sure the DNS Server IP Address on your workstations points to the IP Address of the DNS server in the 192.168.200.0/24 subnet

> but the Cisco guy told me I needed to tell the AD Server to respond to traffic from the remote office subnet.
-- The DC will respond even if it does not recognise the IP, but you can add a subnet in AD Sites and Services and link it to you main site if you like.  Down the track you might like to put a new DC in the remote site and create a second site in AD sites and services. This will ensure that workstations in each site get authenticated by a local DC when possible.

> I have read a number of the posts on this site and my remte office router is handling dhcp for the remote office using the isp dns.  Not sure if that matters...
-- This does mater. Make sure the DHCP on the router gives out the DNS Server IP address of the DC, not an external DNS server.
0
 
LVL 43

Expert Comment

by:Steve Knight
ID: 38425913
Thanks for selecting my answer.  Did this turn out to be just a DNS issue or was there other issues too (for when people search and find this)

Steve
0

Featured Post

Free recovery tool for Microsoft Active Directory

Veeam Explorer for Microsoft Active Directory provides fast and reliable object-level recovery for Active Directory from a single-pass, agentless backup or storage snapshot — without the need to restore an entire virtual machine or use third-party tools.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
It’s been over a month into 2017, and there is already a sophisticated Gmail phishing email making it rounds. New techniques and tactics, have given hackers a way to authentically impersonate your contacts.How it Works The attack works by targeti…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
Suggested Courses

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question