Announcement

Collapse
No announcement yet.

connecting clients from different subnets to Active Directory

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • connecting clients from different subnets to Active Directory

    hi everyone in my company we have two subnets which is 192.168.0, and 192.168.0.1 because we have two different ISPs is it possible to make them join active directory. I found two problems the first 1 is how to make both subnets communicate with the DC the second 1 how to make DNS forwarders to two ISP DNS, I was thinking to use root hints instead. any idea I would be appreciate

  • #2
    Re: connecting clients from different subnets to Active Directory

    are they on the same physical site?

    we'd need more information about your network to define how best to do it
    however, best option is to make sure the two networks know about each other, and route between them accordingly.
    Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

    Comment


    • #3
      Re: connecting clients from different subnets to Active Directory

      it's a small company about 40 computers in the same site each 20 computers are in different subnet. I assigned alternate IP address to to the computer to make them communicate with each other

      Comment


      • #4
        Re: connecting clients from different subnets to Active Directory

        each of the two subnets has their own internet connection.
        therfore, i assume that each of them has their own default gateway.

        so 192.168.1.0/24 has a dgw of 192.168.1.1, which connects to the internet
        and 192.168.2.0/24 has a dgw of 192.168.2.1 which connects to the internet

        I don't know what sort of router these are.

        So, I would physically connect an interface on 192.168.1.1 to 192.168.2.1
        I would then ensure that 192.168.1.0/24 knows how to route to 192.168.2.0 and has relevant ACLs to do so
        I would do the reverse on 192.168.2.0

        that should mostly sort it out.
        You'll need to get some dns going somehow though..


        the other way would be to create a site-to-site vpn between connection 1 and connection 2. That's a fairly wasteful way to do it.
        Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

        Comment


        • #5
          Re: connecting clients from different subnets to Active Directory

          VPN between sites (most routers support them) and, if necessary, static routes.

          I have found that you often have to give the fqdn when joining computers in the remote site to AD
          Tom Jones
          MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
          PhD, MSc, FIAP, MIITT
          IT Trainer / Consultant
          Ossian Ltd
          Scotland

          ** Remember to give credit where credit is due and leave reputation points where appropriate **

          Comment


          • #6
            Re: connecting clients from different subnets to Active Directory

            see.. the problem i see with him doing site-to-site vpn, is that both networks are on the same site.. so ehe's needlessly generating internet traffic..
            Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

            Comment


            • #7
              Re: connecting clients from different subnets to Active Directory

              should have read slower
              Didnt spot they were in the same site!
              Tom Jones
              MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
              PhD, MSc, FIAP, MIITT
              IT Trainer / Consultant
              Ossian Ltd
              Scotland

              ** Remember to give credit where credit is due and leave reputation points where appropriate **

              Comment

              Working...
              X