Koozali.org: home of the SME Server

Obsolete Releases => SME 8.x Contribs => Topic started by: haliparotin on June 07, 2012, 10:54:41 AM

Title: Join AD domain over VPN
Post by: haliparotin on June 07, 2012, 10:54:41 AM

hi! i have a 2 site Main office (10 computer) and Branch office (10 computers), i have AD domain (SME 8.beta7) on main office. I would like to connect my branch office to my main office using VPN (IPSec) and join into my AD. my question is how can i do this to make it works?   :-? :-? :-?

My main office IP: 192.168.1.0/24
  Branch office IP: 192.168.2.0/24

Thank you..

Title: Re: Join AD domain over VPN
Post by: janet on June 07, 2012, 11:13:38 AM

haliparotin

Please learn to read the Contrib & Howto articles
http://wiki.contribs.org/OpenVPN_SiteToSite

See my signature box below for all details

Title: Re: Join AD domain over VPN
Post by: haliparotin on June 07, 2012, 12:34:41 PM

Thank you for reply Mary.. actually my SME Server is only act as AD and im using other firewall OS and now i don't know how can make this setup?  :-? :-? :-?

Modem <- -> Firewall <--> AD (SME Server)

Title: Re: Join AD domain over VPN
Post by: janet on June 07, 2012, 12:51:09 PM

haliparotin

You can use the VPN features of your firewall(s) or this
http://wiki.contribs.org/OpenVPN_Bridge
Requirements
SME Server 7.X (serveronly or server&gateway works)

Title: Re: Join AD domain over VPN
Post by: Stefano on June 07, 2012, 09:23:55 PM

Quote from: haliparotin on June 07, 2012, 12:34:41 PM

Thank you for reply Mary.. actually my SME Server is only act as AD and im using other firewall OS and now i don't know how can make this setup?  :-? :-? :-?

Modem <- -> Firewall <--> AD (SME Server)

first of all, SME is a DC in NT styloe, so not an AD DC :-)

that said, I managed to login to SME's domain via vpn

you need to configure your firewall to forward port tcp 1723 ans protocol 47 GRE to SME (sometimes it is called vpn passthrough or similar)

then, you need to setup a vpn on your clients in the branch office..
at login time (I'm referring to windows XP) you should have the option to use a remote connection

anyway, google will tell you more

ah.. time to upgrade to SME8 final ;-)

Title: Re: Join AD domain over VPN
Post by: haliparotin on June 11, 2012, 08:10:44 AM

Thank you for reply Stefano. actually on my Setup both Network from MAin and Branch office like this thru IPSEC
                                                                                                 
Main Office - SME Server (DC) < - > Firewall (IPSEC)<-> Modem <->  Internet<-> Modem <-> Firewall (IPSEC) <-> PC (workgroup) - Branch Office


and now how can i join the branch office to my SME Server?


if ever im solve this, i try to upgrade my SME Server later... Thank you..

Title: Re: Join AD domain over VPN
Post by: Stefano on June 11, 2012, 04:18:23 PM

ok..

I assume your pcs in branch office can ping SME server, correct?

Title: Re: Join AD domain over VPN
Post by: haliparotin on June 13, 2012, 04:10:25 AM

Thank you for reply.. my SME Server can ping my Branch pcs.. both side have ping. Actually i setup my both firewall using IPSEC by Net-to-Net Virtual Private Network.

Title: Re: Join AD domain over VPN
Post by: Stefano on June 13, 2012, 09:51:54 AM

you did not answer to my question :-)

to join SME, branch pcs must use SME as DNS server.. you should try to join SME domain from main office and then transfer your pcs to the branch one..

Title: Re: Join AD domain over VPN
Post by: haliparotin on June 13, 2012, 12:15:18 PM

Sorry.. Yes.. both Connection have a stable reply on ping. my PC on Branch is so far that's why i cannot transfer one by one.  :lol:

Title: Re: Join AD domain over VPN
Post by: vpurger on June 15, 2012, 11:57:23 AM

Try this:

On server:  Add branch office network IP as local network

On workstation (branch office): Add SME server IP as WINS server