Site-to-site VPN and Active Directory
Freshman Member
I have set up a site-to-site VPN between my home (NSG50) and Office (NSG100). How do I allow access to manage my Active Directory, DNS, DHCP etc over the VPN?
NSG50 is on 192.168.2.0/24, NSG100 is on 192.168.0.0/24
NSG100 is connected to Virgin Media Business with static public IP, NSG50 is connected to BT Home Hub with dynamic IP (Dynamic DNS configured) BT Home Hub is using 192.168.1.0/24
I can remote desktop to my servers via hostname (DNS Servers behind NSG100 added to NSG50 config)
NSG50 is on 192.168.2.0/24, NSG100 is on 192.168.0.0/24
NSG100 is connected to Virgin Media Business with static public IP, NSG50 is connected to BT Home Hub with dynamic IP (Dynamic DNS configured) BT Home Hub is using 192.168.1.0/24
I can remote desktop to my servers via hostname (DNS Servers behind NSG100 added to NSG50 config)
0
All Replies
-
Hello @GarethIs your AD server is loacted at 192.168.2.0/24 or 192.168.0.0/24 ? Since it should not have the issue once the VPN tunnel is up.
0 -
the AD server is on 192.168.0.0/24. Cannot find domain from 192.168.2.0/24
0 -
What is the application you expected?Based on description you cannot connect the RDP from 192.1668.2.0/24 with hostname to your AD but if it can work with IP?Feel free to correct me if I'm wrong.0
-
RDP works fine, it's access to ADUC DNS, DHCP admin etc that doesnt work.Nebula_Chris said:What is the application you expected?Based on description you cannot connect the RDP from 192.1668.2.0/24 with hostname to your AD but if it can work with IP?Feel free to correct me if I'm wrong.0 -
Hi @GarethPlease be aware that the DHCP traffic cannot pass-through to VPN tunnel, therefore the DHCP service will not work, but the DNS should work in this case.Can you capture the packet on NSG100 via login to local GUI, LAN1 (assume 192.168.0.0/24 is located in LAN1).
Keep file size as same as split threshold.
Download the pap file and filter DNS, see if the DNS query has pass-through to the tunnel and AD has reply it or not.On the other hand, can you share more detail of ADUC implement? Is it just the AD authentication between these 2 end devices or you would add this client PC/laptop as the member to AD server?
0
Zyxel Employee
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 144 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 237 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 247 Service & License
- 384 News and Release
- 83 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight
