Wins

[Guest]

Hi,
We are going to create a VPN between our maryland and Florida office. Our
Maryland office has Windows 2000 with active directory. We are also running
DHCP. The florida office will not have a server. They will all have windows
xp workstations. We wanted them to authenticate on to the maryland network
through the VPN. We would setup a dhcp scope with a subnet for Florida. How
would the Florida office computers know to grab the IP address from the
Maryland DHCP server? Also is the proper way to do this?
Thanks.

Mitch

 

[Phillip Windell]

The best way is simple,...don't do it. Do you realy what the entire
functionality of these machines to depend on a "fickle" VPN connection that
can go up or down with every "whim" of the unpredictable Internet?

1. Create a Site-to-Site VPN (not a Remote Access VPN) between Maryland and
Florida.
2. Each location should be its own subnet
3. Install a DHCP and Domain Controller Server at the Florida Office (can be
on the same box)
4. Both sites will be part of the same Domain, but will be a different
Active Directory Site within Active Directory. One of the functions of AD
Sites is to copensate for slow WAN links which VPN certainly qualifies as.

This allows the Florida sites to be self-functional is the VPN link goes
down (which it *will*). You should be able to find information about
deploying Active Directory over a WAN link using "Sites" on MS's website if
you search for it.

I will not recommend that the Florida location be left "dangling" with no
way to function if the VPN goes down.

 

[an admin too]

Hi,
We are going to create a VPN between our maryland and Florida office. Our
Maryland office has Windows 2000 with active directory. We are also running
DHCP. The florida office will not have a server. They will all have windows
xp workstations. We wanted them to authenticate on to the maryland network
through the VPN. We would setup a dhcp scope with a subnet for Florida. How
would the Florida office computers know to grab the IP address from the
Maryland DHCP server? Also is the proper way to do this?
Thanks.

If the office is too small to have a server it's too small to have DHCP.
However, if you have a recent Cisco router or firewall, it can do the DHCP.

Here is the config from one of our routers at a site with five PC's with a
DHCP range from 10.7.18.101 to 10.7.18.120

ip dhcp excluded-address 10.7.0.0 10.7.18.100
ip dhcp excluded-address 10.7.18.121 10.7.255.255
ip dhcp pool remote1
network 10.7.0.0 255.255.0.0
dns-server 10.5.1.102 (DNS server at main office)
netbios-name-server 10.5.1.102 (WINS server at corp office)
default-router 10.7.1.10
domain-name abc.com

The subject line was WINS, though so here is my answer: Point the FL PC's
to use the Marylasnd WINS server. You don't need a WINS server at every
locaiton. I've setup five locations all using a single WINS server at the
home office.