We use out DNS servers at HQ. You could put in a local provider as secondary just in case your end goes down. I even push DHCP over the WAN. That makes changes a lot easier.
cw ________________________________ From: Tom Miller [mailto:[email protected]] Sent: Wednesday, August 12, 2009 4:29 PM To: NT System Admin Issues Subject: Re: PC in domain across stable VPN tunnel? How do you configure DNS for those sites? Currently these sites point to our provider DNS servers for Internet sites. I could add entries in local host files and still leave the provider DNS entries. I don't want DNS requests for sites going across tunnels. >>> "James Kerr" <[email protected]> 8/12/2009 5:25 PM >>> Sure. We have two domains and a VPN between them. When I sit at the main site we can setup a PC and add it to the remote domain, they are able to find the remote DC through our DNS. James ----- Original Message ----- From: Tom Miller <mailto:[email protected]> To: NT System Admin Issues <mailto:[email protected]> Sent: Wednesday, August 12, 2009 5:17 PM Subject: PC in domain across stable VPN tunnel? Hey folks: I have about 15 sites that have 2- 5 users/PCs that have "business class" broadband (a bit faster than typical home access). Soon I plan to provide each site a soho firewall and will have a VPN tunnel from each site to here at HQ. I'd love to be able to add these PCs to our domain so I could enforce our various GPOs at these locations. Has anyone done this? I already have several tunnels like this at other locations but haven't added the PCs to the domain. I'm not sure about the cross-tunnel authentication, but if it's not too slow (no mapped drives or logon scripts), I'd do it. It would be nice to have these users log into the domain as well. Comments, suggestions, words of wisdom? Tom Miller Engineer, Information Technology Hampton-Newport News Community Services Board 757-788-0528 Confidentiality Notice: This e-mail message, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. Confidentiality Notice: This e-mail message, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
