Client sign on to AD via private WAN - Possible?

Guest

We are setting up a private WAN link to a remote office. Now client computers
are using terminal services to sign on - I want them to be able to sign on to
the domain as local users and access folders and files. There will only be
about 3 or 4 users this way. Is this possible? If it is what do I need to
research to do it?

users on LAN at remote office
|
Cisco router at remote office
| <-(Private T1 WAN link)
Cisco router at HQ
|
local LAN with other users, multiple Win servers

The Cisco router at HQ also has another WAN link to the Internet for
everyone to get to the Internet and will be running VoIP (the real reason for
the private WAN link to the remote office.)

From what I read it looks like a VPN will do this - but we don't need the
security and overhead since this is a private link.

Another wrinkle will be the fact that there is also a non-windows server on
the HQ LAN that the remote users will need to get to (via a proprietary
Telnet solution). But that I see as a simple TCP/IP routing issue.

Thanks.
Ben
 
Bill Grant

All you need is routing on the two Ciscos to forward traffic for the
"other" site across the private link (as long as the Ciscos are the default
routers for each site). As far as Windows is concerned it just looks like
two segments linked by a (slow) IP router. You will only have problems if
the Ciscos block ports which you need.
 
Bill Grant

I should have added that a site-to-site VPN is really just a way to
emulate a private point-to-point link like this. The encryption is added
because the traffic is travelling over the public network rather than on a
dedicated link.
 
Guest

I understand the VPN part - my question has to do with MS sign-ons - when you
fill in your user name, password and then under options you give the MS
domain name. That is not an Internet domain name. How does the Windows client
computer know to take that MS domain name and "look it up" to get the IP
address of the AD server? I understand DNS and IP, routing and the Internet
very well - what I need to learn is how Windows, AD and Windows domain
names work. Next, when signing on to an AD, the ports that will need to be
open (in my private network only) are ports 137, 138 and 139 for TCP and UDP?

Thanks
 
Bill Grant

No, you don't really need the NetBIOS ports to log on to AD. AD uses DNS
to find a logon server. You may need them for file sharing.
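
The DNS lookup described in the reply above, as an added example that is not part of the original thread: it builds the SRV names a client queries to find a logon server, parses sample SRV answers, and lists the host/port flows those answers imply for the router ACLs. The domain `corp.example.com`, the DC names and the DNS server address are hypothetical, the records are constructed, and the flow list covers only what the SRV answers name, not every port AD may use.

```python
from collections import namedtuple

SRV = namedtuple("SRV", "owner proto priority weight port target")

# Constructed sample answers (zone-file form); domain and DC names are hypothetical.
SAMPLE_SRV = """\
_ldap._tcp.dc._msdcs.corp.example.com. 600 IN SRV 0 100 389 dc1.corp.example.com.
_ldap._tcp.dc._msdcs.corp.example.com. 600 IN SRV 10 100 389 dc2.corp.example.com.
_kerberos._tcp.corp.example.com. 600 IN SRV 0 100 88 dc1.corp.example.com.
"""

def locator_queries(ad_domain, site=None):
    """DNS SRV names a client asks for to find a domain controller (logon server)."""
    names = [f"_ldap._tcp.dc._msdcs.{ad_domain}", f"_kerberos._tcp.{ad_domain}"]
    if site:  # the site-specific name is asked first when the client knows its AD site
        names.insert(0, f"_ldap._tcp.{site}._sites.dc._msdcs.{ad_domain}")
    return names

def parse_srv(line):
    """Parse 'owner TTL IN SRV priority weight port target' (RFC 2782 fields)."""
    owner, _ttl, rclass, rtype, prio, weight, port, target = line.split()
    if (rclass, rtype) != ("IN", "SRV"):
        raise ValueError(f"not an SRV record: {line!r}")
    proto = owner.split(".")[1].lstrip("_")  # "_tcp" -> "tcp"
    return SRV(owner.rstrip("."), proto, int(prio), int(weight), int(port),
               target.rstrip("."))

def preferred_targets(records, owner):
    """Hosts contacted first for `owner`: the lowest priority value wins (RFC 2782)."""
    mine = [r for r in records if r.owner == owner]
    if not mine:
        return []
    best = min(r.priority for r in mine)
    return sorted(r.target for r in mine if r.priority == best)

def flows_from_srv(records, dns_server):
    """(host, protocol, port) tuples the routers must pass for these answers to be usable."""
    flows = {(dns_server, "udp", 53), (dns_server, "tcp", 53)}  # the DNS lookups themselves
    flows.update((r.target, r.proto, r.port) for r in records)
    return sorted(flows)

RECORDS = [parse_srv(l) for l in SAMPLE_SRV.splitlines() if l.strip()]

if __name__ == "__main__":
    for name in locator_queries("corp.example.com"):
        print("query:", name, "->", preferred_targets(RECORDS, name))
    for flow in flows_from_srv(RECORDS, "10.0.0.10"):  # hypothetical DNS server address
        print("allow:", flow)
```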
 