Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Logon to Domain via VPN and DNS-problem
  •  
r.aerts

Messages: 19
Karma: 0
Send a private message to this user
Hi!
I have a W2K3-server running as PDC. The PDC, other servers and clients have to connect to the Internet via a pc with KWF installed. After long searches on this forum I have established to run VPN. From external networks I can now login on the internal network. Almost everything is working, but DNS does not work. Could some one tell me how to configure DNS and DNS-forwarding? (I have a primary and secondary DNS from my ISP, my PDC is also a DNS server).
The next problem: it is possible to use the internal network by VPN; networkdrivemapping and accesing servers and clients is not a problem at all. But I want to acces the PDC (AD) to automatically login to the domain and running auto logonscripts etc. How can I establisch this? (is this a result of the DNS-problem??)
Thx.
  •  
hhred

Messages: 12
Karma: 0
Send a private message to this user
make sure that:

the kerio service is running under the admin account (by default it is running under the local account)

enable icmp (ping) (local + vpn)

  •  
r.aerts

Messages: 19
Karma: 0
Send a private message to this user
Hi hhred,

DNS is working OK now.
icmp is enabled. Traffic rules are defined correct.
From external client I can connect with VPN-client to network. I can ping all servers and internal clients.
Networkmapping "//ip-adres/map" in cmd-line is working.
Pinging to Dis-name is not working.
Also login to domain is not possible.
What could be the problem?

  •  
hhred

Messages: 12
Karma: 0
Send a private message to this user
maybe you need to edit your lmhosts file(s):

navigate to etc directory, e.g. in a dos-task, enter the following:


cd %systemroot%\system32\drivers\etc


in the etc directory, there should be a hosts and a lmhosts file, if not, create the lmhosts file, e.g. copy the ms-sample-lmhost file and afterwords edit this file:


copy lmhosts.sam lmhosts.


edit the lmhosts. file with notepad or something similar.
create an entry like:
a.b.c.d PDCNAME #PRE #DOM:DOMAIN-NAME
e.g. the PDC of your domain has the ip 10.11.12.13, the name Server1 and your domain is MyDom, the line should read:


10.11.12.13 Server1 #PRE #DOM:MyDom


Windows reads the lmhosts. instrutions before logon process starts.

Also, once i used a szenario like this:
1.) boot
2.) logon locally
3.) start the kerio VPN Tunnel (ADSL-Dial-in Line)
4.) logout locally, note the ADSL Line is still up)
5.) logon to the domain of the company accross the VPN Tunnel

  •  
r.aerts

Messages: 19
Karma: 0
Send a private message to this user
Again thx for your reply.
But my problem is still not solved!!

I think it is also an IP-problem.
When the VPN-client is connected the IP-configuration of the VPN-adapter of:
- the VPN-server shows:
ip-adress : 192.25.205.1
subnetmask : 255.255.255.0
ip-adress : 196.254.88.177
subnetmask : 255.255.255.0
def.gateway :
DHCP server : 169.254.88.176
DNS servers : 192.25.205.1

- the VPN-client shows:
ip-adress : 192.25.205.2
subnetmask : 255.255.255.0
ip-adress : 196.254.27.27
subnetmask : 255.255.255.0
def.gateway :
DHCP server : 169.254.27.26
DNS servers : 192.25.205.1

Why is the second ip-adress and dhcp-server of both interfaces is showing a 196.254.x.x-adres?
Doesn't my KWF-DHCP-server has to lease adresses?
Could this be the problem?
Please help me!! Embarassed Confused
Previous Topic: Question about file types being AV scanned
Next Topic: cant connect to webserver
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sat Nov 18 15:15:21 CET 2017

Total time taken to generate the page: 0.00455 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.