Topic: Join AD domain over VPN

[haliparotin]

hi! i have a 2 site Main office (10 computer) and Branch office (10 computers), i have AD domain (SME 8.beta7) on main office. I would like to connect my branch office to my main office using VPN (IPSec) and join into my AD. my question is how can i do this to make it works?   

My main office IP: 192.168.1.0/24
  Branch office IP: 192.168.2.0/24

Thank you..

[janet]

haliparotin

Please learn to read the Contrib & Howto articles
http://wiki.contribs.org/OpenVPN_SiteToSite

See my signature box below for all details

[haliparotin]

Thank you for reply Mary.. actually my SME Server is only act as AD and im using other firewall OS and now i don't know how can make this setup? 

Modem <- -> Firewall <--> AD (SME Server)

[janet]

haliparotin

You can use the VPN features of your firewall(s) or this
http://wiki.contribs.org/OpenVPN_Bridge
Requirements
SME Server 7.X (serveronly or server&gateway works)

[Stefano]

Thank you for reply Mary.. actually my SME Server is only act as AD and im using other firewall OS and now i don't know how can make this setup? 

Modem <- -> Firewall <--> AD (SME Server)

first of all, SME is a DC in NT styloe, so not an AD DC

that said, I managed to login to SME's domain via vpn

you need to configure your firewall to forward port tcp 1723 ans protocol 47 GRE to SME (sometimes it is called vpn passthrough or similar)

then, you need to setup a vpn on your clients in the branch office..
at login time (I'm referring to windows XP) you should have the option to use a remote connection

anyway, google will tell you more

ah.. time to upgrade to SME8 final

[haliparotin]

Thank you for reply Stefano. actually on my Setup both Network from MAin and Branch office like this thru IPSEC
                                                                                                 
Main Office - SME Server (DC) < - > Firewall (IPSEC)<-> Modem <->  Internet<-> Modem <-> Firewall (IPSEC) <-> PC (workgroup) - Branch Office


and now how can i join the branch office to my SME Server?


if ever im solve this, i try to upgrade my SME Server later... Thank you..

[Stefano]

ok..

I assume your pcs in branch office can ping SME server, correct?

[haliparotin]

Thank you for reply.. my SME Server can ping my Branch pcs.. both side have ping. Actually i setup my both firewall using IPSEC by Net-to-Net Virtual Private Network.

[Stefano]

you did not answer to my question

to join SME, branch pcs must use SME as DNS server.. you should try to join SME domain from main office and then transfer your pcs to the branch one..

[haliparotin]

Sorry.. Yes.. both Connection have a stable reply on ping. my PC on Branch is so far that's why i cannot transfer one by one. 

[vpurger]

Try this:

On server:  Add branch office network IP as local network

On workstation (branch office): Add SME server IP as WINS server