<div>
Hi ironkernel,<br />
<br />
I'd recommend the following:<br />

<div class="indent">
<b>1. </b>Keep authentication local, install a local DC and ensure DHCP is installed on the DC - I'd have a second DC at the remote office if possible that way you not only have built-in redundancy for your DC but replication traffic is far less significant than the traversing everything over the VPN plus its a Best Practice.<br />
<b>2.</b> Create a Site in AD Sites and Services and add the subnet IP to this site<br />
<b>3.</b> Make sure your DC is configured as a GC (AD Sites and Services)
</div>
For whatever reason if you cannot install a local DC and DHCP then I would recommend to create a new scope on one of your DHCP and then configure IP Helper address. &nbsp;<br />
<br />
With virtualization technologies today, I recommend you entertain option 1 mentioned above.
</div>


Hi ironkernel,

I'd recommend the following:

1. Keep authentication local, install a local DC and ensure DHCP is installed on the DC - I'd have a second DC at the remote office if possible that way you not only have built-in redundancy for your DC but replication traffic is far less significant than the traversing everything over the VPN plus its a Best Practice.
2. Create a Site in AD Sites and Services and add the subnet IP to this site
3. Make sure your DC is configured as a GC (AD Sites and Services)
For whatever reason if you cannot install a local DC and DHCP then I would recommend to create a new scope on one of your DHCP and then configure IP Helper address.  

With virtualization technologies today, I recommend you entertain option 1 mentioned above.

<div>
This is what has been eluding me. Thanks.
</div>


This is what has been eluding me. Thanks.

<div>
<div class="content wysiwyg-content">
Please review the attached. I'm trying to configure NT Domain Authentication via a site-to-site VPN using a Sonicwall and both ends. Looking for experience and ideas.<br />
Thanks<br />
<a href="https://filedb.experts-exchange.com/incoming/2013/12_w51/693184/Visio-Remote-Office-2.pdf" target="_blank" class="file-inline" title="Layout and details (117 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>Visio-Remote-Office-2.pdf</a>
</div>
</div>


Visio-Remote-Office-2.pdf

Please review the attached. I'm trying to configure NT Domain Authentication via a site-to-site VPN using a Sonicwall and both ends. Looking for experience and ideas.
Thanks

Remote Authentication over site-to-site VPN

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.

Network Security

Hardware-based firewalls provide more sophisticated protection for inbound and outbound traffic than the simple Windows software firewall or the basic NAT firewalls found in routers. These devices implement techniques such as stateful packet inspection, deep packet inspection, and content filtering; and may include built-in antivirus and anti-malware protection.

Hardware Firewalls

Network design and methodology, also known as network architecture, is the design of a communication network. It is a framework for the specification of a network's physical components and their functional organization and configuration, its operational principles and procedures, as well as data formats used in its operation. In telecommunication, the specification of a network architecture may also include a detailed description of products and services delivered via a communications network, as well as detailed rate and billing structures under which services are compensated.

Network Architecture

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or travelling users access to a central organizational network securely. VPNs encapsulate data transfers using secure cryptographic methods and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.

The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.