
VPN question
mookaloid - 18/12/11 at 03:15 PM

Any VPN experts please?

I have a work network and a home network and I have routers that will create a permanent LAN to LAN VPN if I set it up.

I already have VPNs set up for remote dialling in on individual laptops but I would like to permanently appear as one LAN with one IP subnet ie the dhcp server in the office issues addresses through the VPN to machines at home - is this possible please?

At the moment if I want to say join the office domain with a pc, I have to take it to the office because it won't join remotely. I have a feeling that if I have it all as one subnet then I will be able to join the domain from home - or am I barking up the wrong tree?


Cheers

Mark


mark chandler - 18/12/11 at 03:22 PM

All in one subnet, so create a tunnel making the network in between transparent.

You really want an IPSEC tunnel for security.

Regards Mark


phoenix70 - 18/12/11 at 04:35 PM

sounds like you need to sort out the routing, a single subnet shouldn't be needed. I think you need to stick some routing on your routers to point the two subnets at each other.


dan__wright - 18/12/11 at 04:38 PM

spreading one subnet over two sites is generally a bad idea, there are only a few circumstances where you would want to do this.

have one subnet at your home site and one at work, at your home site make sure you are using your work dhcp and dns servers and you use the correct connection suffix and you should be good (you will need to look into dhcp forwarding or ip-helpers to get it to work)

edit: one other thing that i think is worth mentioning is WINS, even though you supposedly don't need it i use it as it has overcome quite a few issues, if you still can't get it working then add wins into the mix

a good way to test is to ping your domain name, if it resolves you should be able to join the domain

[Edited on 18/12/11 by dan__wright]


ironside - 18/12/11 at 06:48 PM

quote:
Originally posted by mookaloid
I already have VPNs set up for remote dialling in on individual laptops but I would like to permanently appear as one LAN with one IP subnet ie the dhcp server in the office issues addresses through the VPN to machines at home - is this possible please?



Hi

It is possible but it's quite slow to have one subnet across both sites because part of your VPN bandwidth gets gobbled up by the broadcast traffic across your subnet. It's better to have two separate subnets and use the VPN to route between them. You can configure a single DHCP server to forward over different subnets but it would be simpler (and easier) to have your home router do your home DHCP locally.

quote:
Originally posted by mookaloid
At the moment if I want to say join the office domain with a pc, I have to take it to the office because it won't join remotely. I have a feeling that if I have it all as one subnet then I will be able to join the domain from home - or am I barking up the wrong tree?



Assuming the VPN is up, regardless of whether you're on one subnet or two and what is doing DHCP, configuring your PC at home to use the DNS server(s) at the office would fix this.

Cheers,
Simon.
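
A pre-join check along the lines the replies above suggest (office DNS reachable through the VPN, routed subnets), as an added example that is not part of any post in the thread. The domain name `corp.example.com`, the DNS server address `192.168.10.10`, the function name and the port list are placeholders and assumptions, not values from the thread.

```powershell
# Added example: run on the home PC with the LAN-to-LAN VPN up.
# All names and addresses are placeholders, not values from the thread.
function Test-DomainJoinReadiness {
    param(
        [Parameter(Mandatory)] [string] $DomainName,      # AD DNS domain (placeholder)
        [Parameter(Mandatory)] [string] $OfficeDnsServer, # office DNS server behind the VPN (placeholder)
        [int[]] $Ports = @(88, 135, 389, 445)             # Kerberos, RPC endpoint mapper, LDAP, SMB (assumed list)
    )

    # Domain join locates a domain controller through this SRV record,
    # so it is queried directly against the office DNS server.
    $srvName = "_ldap._tcp.dc._msdcs.$DomainName"
    try {
        $answers = Resolve-DnsName -Name $srvName -Type SRV -Server $OfficeDnsServer `
                                   -DnsOnly -ErrorAction Stop
    } catch {
        Write-Warning "No SRV answer for $srvName from ${OfficeDnsServer}: $($_.Exception.Message)"
        return
    }

    $dcs = $answers | Where-Object { $_.Type -eq 'SRV' } |
           Select-Object -ExpandProperty NameTarget -Unique

    foreach ($dc in $dcs) {
        # Resolve each DC's address through the same office DNS server.
        $addr = (Resolve-DnsName -Name $dc -Type A -Server $OfficeDnsServer -DnsOnly `
                                 -ErrorAction SilentlyContinue |
                 Where-Object { $_.Type -eq 'A' } | Select-Object -First 1).IPAddress
        if (-not $addr) {
            Write-Warning "DC $dc has no A record via $OfficeDnsServer"
            continue
        }
        # Confirm the VPN routes and firewall rules pass the ports a join relies on.
        foreach ($port in $Ports) {
            $r = Test-NetConnection -ComputerName $addr -Port $port -WarningAction SilentlyContinue
            [pscustomobject]@{
                DomainController = $dc
                Address          = $addr
                Port             = $port
                Reachable        = $r.TcpTestSucceeded
            }
        }
    }
}

Test-DomainJoinReadiness -DomainName 'corp.example.com' -OfficeDnsServer '192.168.10.10'
```

A row with `Reachable` set to `False` points at routing or firewall rules on the tunnel, while a missing SRV answer points at the home PC's DNS settings.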