
SRX5308 VPN to VPN SRX5308

kkontney
Follower


Hello, I am sure that this has been asked 1000 times, but I am not finding a good answer.  Here is what I got -

 

Main Office
LAN IP scheme: 172.20.0.x & 255.255.255.0
WAN IP: 174.102.197.239
Router Model: SRX5308 (Latest Firmware: 4.3.3-6)
Active Directory: Yes: Server 2012 R2

 

Satellite Office
LAN IP scheme: 10.0.0.x & 255.255.255.0  72.131.40.217
WAN IP: 72.131.40.217
Router Model: SRX5308 (Latest Firmware: 4.3.3-6)
Active Directory: No, just client PCs, Windows 10 Pro

 

The VPN Tunnel wizard worked great and the VPN tunnel was established just fine.  I can ping Main Office resources from Satellite Office.  I can map Network Drives by IP address (like \\172.20.0.201\smile).

 

However, I cannot map drives by name (like \\server\smile vs. \\172.20.0.201\smile).  When I do an NSLOOKUP (hostname at Main Office), it does not resolve.

 

So how do you allow DNS queries to see Main Office resources from the Satellite Office?  I would like users to map drives to the Main Office server on Satellite Office PCs.  I would also like to join the Domain/Active Directory over VPN.

 

-Kyle Kontney

Message 1 of 2

Accepted Solutions
DaneA
NETGEAR Moderator

Re: SRX5308 VPN to VPN SRX5308

Hi kkontney,

 

Welcome to the community!

 

Have you tried enabling NetBIOS on the VPN Policy of both sites?  Kindly refer to the image below:

 

Enable NETBios.jpg

 

 

Hope these steps will help you join Domain/Active Directory over VPN:

 

A. On the Main Site:

 

1. Get the search base.  On the image below, Windows Server 2003 has been used.  Take note that users are already created in the Active Directory.

 

AD_VPN 01.jpg

 

2. Enable LDAP information on the SRX5308.  On the image below, the LDAP Server is set to 192.168.3.150 (AD).

 

AD_VPN 02.jpg

 

AD_VPN 03.jpg

 

 

B. On the Remote Site:

 

1. The PC/s on the remote site should be a member of the Domain Name.  On the image below, the Domain Name created is "training2.com".

 

AD_VPN 04.jpg

 

2. Set Static DNS Servers.  Take note that the Preferred DNS server is the IP Address of the Domain Controller while the Alternate DNS Server is the Default Gateway Address of the PC connected to the SRX5308.  On the image below, 192.168.3.150 is the IP Address of the Domain Controller while 192.168.3.254 is the Default Gateway Address of the PC connected to the SRX5308.

 

AD_VPN 05.jpg

 

 

AD_VPN 06.jpg

 

3. The PC/s on the remote site will reboot. After it reboots, you will log in as the new user using the username and password created on the AD.  The user should be able to access the shares or files that are saved in the Domain Controller from the PC/s on the remote site.

 

Hope this helps!

 

 

Regards,

 

DaneA

NETGEAR Community Team


Message 2 of 2
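
The static DNS step (B.2) and the checks a domain join depends on, as an added example that is not part of the reply above or of NETGEAR's documentation. The addresses and domain name are the sample values from that reply; the adapter name `Ethernet` and the list of TCP ports checked are assumptions. Run it from an elevated PowerShell prompt on a remote-site PC.

```powershell
# Added example: sample values taken from the reply above; replace with your own.
param(
    [string]$InterfaceAlias   = 'Ethernet',        # assumed adapter name
    [string]$DomainController = '192.168.3.150',   # preferred DNS (the DC)
    [string]$Gateway          = '192.168.3.254',   # alternate DNS (local gateway)
    [string]$Domain           = 'training2.com'
)

# Step B.2: preferred DNS = domain controller, alternate = default gateway.
Set-DnsClientServerAddress -InterfaceAlias $InterfaceAlias `
    -ServerAddresses $DomainController, $Gateway
Clear-DnsClientCache

# A domain join locates a DC through this SRV record, so it has to resolve
# across the tunnel. Query the DC directly to rule out the local resolver.
$srvName = "_ldap._tcp.dc._msdcs.$Domain"
try {
    $srv = Resolve-DnsName -Name $srvName -Type SRV -Server $DomainController `
               -ErrorAction Stop | Where-Object { $_.Type -eq 'SRV' }
    $srv | ForEach-Object { "SRV ok: $($_.NameTarget):$($_.Port)" }
}
catch {
    Write-Warning "SRV lookup for $srvName failed: $($_.Exception.Message)"
}

# TCP reachability of the services a join and drive mapping use
# (assumed list: DNS, Kerberos, LDAP, SMB). UDP is not tested here.
$ports = [ordered]@{ DNS = 53; Kerberos = 88; LDAP = 389; SMB = 445 }
$results = foreach ($svc in $ports.Keys) {
    $t = Test-NetConnection -ComputerName $DomainController -Port $ports[$svc] `
             -WarningAction SilentlyContinue
    [pscustomobject]@{
        Service   = $svc
        Port      = $ports[$svc]
        Reachable = $t.TcpTestSucceeded
    }
}
$results | Format-Table -AutoSize

if ($results.Reachable -contains $false) {
    Write-Warning 'Some services are unreachable; check the VPN policy and firewall rules on both SRX5308 units.'
}
```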
