Sign in with
Sign up | Sign in
Your question

VPN over WAN with active directory

Last response: in Networking
Share
January 9, 2011 3:01:45 AM

Greetings all! I have a small yet pressing issue. I have a main site (A) and three remote sites (B,C,D).
Site A has about 40 users (broadband T1)
site B has two users (broadband ISDN)
site C has four users (broadband T1)
site D has four users (broadband T1)

All the sites have a CSU/DSU but only site A and B are connected on a WAN.

We need all sites to connect to the home office (site A) and our server at the home office. I was thinking of a VPN setup get some sonicwalls and go from there. But my concern is can I integrate AD with the VPN? Or would it be better to just go with WAN? My only concern is how to configure each of the CSU/DSU so they connect to our home site if I choose to stay with WAN.

The other concern is that the site B has been complaining of the latency of their regular functions of their desktop experience. I cant honestly seem to figure out why other then the fact the previous IT had it setup where their desktop was saved to the server as well as their personal drives. Eliminating that should speed it up I think.

More importantly I wanted to know if I used a VPN would I have to have a server at each site or can I get them to connect to our server and log in via AD? Thank you so much.
January 11, 2011 6:53:33 AM



A Site to Site VPN from all three sites to Site A will solve your problem.
m
0
l
January 12, 2011 12:41:21 PM

Go with the VPN solution. Kerberos by default has a 5 minute window which is more than sufficient to allow AD communication.

If you have DCs at each site, check your AS Sites and Services to make sure each site is setup and has their respective DC assigned to that site. Otherwise you would experience slow logon times.

Redirecting files over the WAN will generally be slow. It would be concerning that files would not be getting backed up which is why the drives and folders are re-directed. You could look into a de-duplication backup software to install on your clients to allow them to store files locally and let it backup over the WAN. After the first backup, they will not notice the backup process.

m
0
l
!