Routing traffic from remote of site-to-site VPN



  • I have already established a working site-to-site VPN; however, I need help on routing traffic on a server which is using a different gateway.
    To be specific, I have a client from the remote network which I need to authenticate to the Active Directory server inside the HQ network, which is using a different gateway.

    My understanding is that I need to create routing rules for this (if I'm right?).

    Appreciate your help.



  • If you could perhaps post a diagram of your setup to give a little more description of your environment and what you need to accomplish we might be able to shed some light.



  • Hi divsys,

    Attached is the diagram. A computer from remote has no problem reaching the computers from HQ using the default gateway. Since Active Directory on the HQ side is using another gateway (which is the ISA server), that is my problem.




  • Unfortunately I'm not good enough with AD setups to give you a definitive answer (hopefully someone brighter than me will chime in).

    With the diagram you provided, as long as the VPN connects both ends correctly (e.g. 192.168.100.2 can reach both 192.168.1.20 and 192.168.1.250, AND the reverse direction works as well), then you can consider your setup as two subnets.

    Imagine the HQ pfSense with a new NIC card that has the address 192.168.100.254 and the remote site was magically in the same building. Then your problem becomes trying to connect two different subnets to one AD domain. A quick Google search of "AD One domain two subnets" should get you started.

    As I said earlier, I'm not bright enough with AD to talk you through this, but with a little research (and maybe a more experienced voice than mine) this is definitely doable.



  • I was thinking if routing would do the trick, if there is something that can be done to reroute the traffic from the HQ default gateway to the AD gateway and vice versa.

    Thanks
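
The return-path question raised in this thread, modelled as an added example that is not part of any post: it runs a longest-prefix route lookup for an HQ workstation and for the AD server, before and after the AD server gets a specific route for the remote subnet. The /24 masks, the pfSense LAN address 192.168.1.1 and the ISA address 192.168.1.2 are assumptions; only the 192.168.1.x and 192.168.100.x numbering comes from the thread.

```python
import ipaddress

# Addresses below are assumptions for illustration; only the 192.168.1.x and
# 192.168.100.x numbering comes from the thread (/24 masks are assumed).
REMOTE_NET = "192.168.100.0/24"
PFSENSE_LAN = "192.168.1.1"   # assumed HQ pfSense LAN address (VPN endpoint)
ISA_GW = "192.168.1.2"        # assumed ISA server address
ON_LINK = "on-link"           # marker for directly connected networks


def next_hop(routes, dst):
    """Longest-prefix match over (prefix, gateway) pairs; None if no route."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, gateway in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gateway)
    return best[1] if best else None


def asymmetric_hosts(hosts, client, vpn_gateway):
    """Names of hosts whose replies to `client` would not return via the VPN gateway."""
    return sorted(name for name, routes in hosts.items()
                  if next_hop(routes, client) != vpn_gateway)


# Constructed routing tables: the workstation defaults to pfSense, the AD
# server defaults to the ISA server, as described in the thread.
WORKSTATION = [("192.168.1.0/24", ON_LINK), ("0.0.0.0/0", PFSENSE_LAN)]
AD_BEFORE = [("192.168.1.0/24", ON_LINK), ("0.0.0.0/0", ISA_GW)]
# Same table plus a specific route for the remote subnet via pfSense.
AD_AFTER = AD_BEFORE + [(REMOTE_NET, PFSENSE_LAN)]

if __name__ == "__main__":
    client = "192.168.100.2"  # remote client address mentioned in the thread
    for label, ad in (("before", AD_BEFORE), ("after", AD_AFTER)):
        hosts = {"workstation": WORKSTATION, "ad-server": ad}
        print(label, "| AD reply next hop:", next_hop(ad, client),
              "| asymmetric:", asymmetric_hosts(hosts, client, PFSENSE_LAN))
```

On a Windows server, the added entry corresponds to a persistent static route for the remote subnet pointing at the HQ pfSense LAN address, while the default gateway stays on the ISA server.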

