Connect Access Domain Controller Over VPN

Yes, it was a DNS problem indeed.

Workstations can use DNS to discover where the domain controller is. They use DNS queries like _ldap._tcp.my_domain.com and others. The VPN connection created a point-to-point link between the router and the domain controller, and the peer IP of the domain controller (192.168.1.50) has become available to the router network.

Router should be configured to:

  • Add 192.168.1.50 as the first DNS server sent by the DHCP, second 192.168.5.1
  • Set "my_domain.com" as the DNS suffix sent to the DHCP clients.

After this the workstations should be able to detect the domain controller and start talking to it.

You may also:

  • Set 192.168.1.50 as the WINS server sent by the DHCP.
  • Add the route "route add -net 192.168.1.0 netmask 255.255.255.0 dev ${ppp_if}" to make all other systems in the 192.168.1.0/24 network routable from the 192.168.5.0/24 network if it's required.

Author: Reafidy

Updated on September 18, 2022

Comments

  • Reafidy
    Reafidy almost 2 years

    We have a remote base which we would like to connect to our main office. We bought a VPN-capable router thinking this would dial the VPN and our remote PC would connect seamlessly.

    Unfortunately, when the router dials the VPN it is given an IP address of 192.168.1.50. The address of the domain controller is 192.168.1.2, so the remote PCs can't find the domain controller.

    I can manually set a network drive on the remote PC to point to the 192.168.1.50 address which allows us to browse files on the server however things like group policy fail to find the domain controller.

    Update: We have one server running Windows Server 2012 which is the domain controller and the VPN server in one. We have a static IP address on the server which the VPN router dials. Yes, the router is installed at the remote location. The router at the remote location is assigned the IP address of 192.168.1.50.

    Can anyone help solve this?

    • Dmitry Ilyin
      Dmitry Ilyin about 8 years
      You have a public IP on your domain controller? You have installed the router at the remote location? The router dials to the VPN server on the DC server? The router, as the VPN client, got IP 192.168.1.50 from the VPN server? The router works as NAT for the remote office? Describe your network, please.
    • EEAA
      EEAA about 8 years
      DNS. The problem is always DNS-related.
    • Reafidy
      Reafidy about 8 years
      @dilyin I have updated the question, please let me know if you require anything else. Thanks.
    • Reafidy
      Reafidy about 8 years
      @EEAA, that would be my guess as well, however I don't have the knowledge to troubleshoot further. I may have the VPN client set up wrong; it has many options. The router is an ASUS RT-N56U. It has an option, "Obtaining DNS from VPN Server", which is currently set to no, but I have tried the other options, both "add to existing" and "replace", which doesn't seem to help.
    • EEAA
      EEAA about 8 years
      There's not much to troubleshoot - if VPN clients can resolve AD-related DNS entries correctly, then that's not the problem. If they cannot, well then that needs to be resolved.
    • Reafidy
      Reafidy about 8 years
      @EEAA, well I guess the clients are not resolving properly because if I type the server name, e.g. \\MYSERVER, it doesn't get resolved. But manually entering the IP address 192.168.1.50 works!!
    • Reafidy
      Reafidy about 8 years
      @EEAA this is for a charity organisation. The router was donated. We have to work with what we have.
    • Reafidy
      Reafidy about 8 years
      @dilyn I don't understand what you are asking. When the router dials the VPN to the public IP address of 100.101.***.*** it is assigned an internal IP address of 192.168.1.50.
    • Reafidy
      Reafidy about 8 years
      @dilyn the PCs at the remote location are assigned IP addresses in the range of 192.168.5.*** by the router's DHCP.
    • Reafidy
      Reafidy about 8 years