Two subnets, one domain controller

Hi,

I want to make a VPN-to-VPN tunnel between two offices. The tunnel itself
will be created with IPCop (http://ipcop.org/). As a result I will have this
configuration:

Office 1:
NET: 192.168.100.0 / 255.255.255.0
Domain Controller, DNS, DHCP, WINS (192.168.100.5)
2 workstations (Windows XP, connected to domain controler)

Office 2:
NET: 192.168.200.0 / 255.255.255.0
4 workstations (Windows XP, connected to domain controler in Office 1)

The 4 workstations in "Office 2" are placed in "Office 1" now. My question
is
if I move them to "Office 2" do I need to change they configuration? They
now are using DHCP
to get IP address, DNS and WINS. I can use static IP addresses if I need
(because they must use
192.168.200.XXX), but will they logon to the domain in "Office 1" without
problems?


Please note that workstations from "Office 2" can ping "Office 1" and
"Office 1" can ping "Office 2".

"Nikolay Unguzov" <(E-Mail Removed)> wrote in message
news:umnL1%(E-Mail Removed)...
> The 4 workstations in "Office 2" are placed in "Office 1" now. My question
> is
> if I move them to "Office 2" do I need to change they configuration? They
> now are using DHCP
> to get IP address, DNS and WINS. I can use static IP addresses if I need
> (because they must use
> 192.168.200.XXX), but will they logon to the domain in "Office 1" without
> problems?

As long as you are giving them the correct TCP/IP config with the DHCP they
should be fine. You need to make sure they get the DNS and WINS. However
you may have a performace problem due to the slow VPN. Also if the VPN goes
down the Client can't authenticate,...do you really want that? The normal
proceedure is to put a DC at each location and use Active Directory Sites to
handle to AD Replication over the slow VPN. This way each LAN can continue
to function to some extent even if the VPN goes down, and it doesn't hurt
anything if Replication is cut off for a short period of time.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com

Hi Phillip,



Thanks for the response.



You are right that the best way is to use two DCs, but this a license
problem (and money).

All documents are placed in "Office 1". I know about new futures in Windows
Server 2003 R2 and new replication - may be this is the answer:





"Phillip Windell" <@.> wrote in message
news:(E-Mail Removed)...
> "Nikolay Unguzov" <(E-Mail Removed)> wrote in message
> news:umnL1%(E-Mail Removed)...
>> The 4 workstations in "Office 2" are placed in "Office 1" now. My
>> question
>> is
>> if I move them to "Office 2" do I need to change they configuration? They
>> now are using DHCP
>> to get IP address, DNS and WINS. I can use static IP addresses if I need
>> (because they must use
>> 192.168.200.XXX), but will they logon to the domain in "Office 1" without
>> problems?
>
> As long as you are giving them the correct TCP/IP config with the DHCP
> they
> should be fine. You need to make sure they get the DNS and WINS. However
> you may have a performace problem due to the slow VPN. Also if the VPN
> goes
> down the Client can't authenticate,...do you really want that? The normal
> proceedure is to put a DC at each location and use Active Directory Sites
> to
> handle to AD Replication over the slow VPN. This way each LAN can continue
> to function to some extent even if the VPN goes down, and it doesn't hurt
> anything if Replication is cut off for a short period of time.
>
> --
> Phillip Windell [MCP, MVP, CCNA]
> www.wandtv.com
>
>

"Nikolay Unguzov" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> All documents are placed in "Office 1". I know about new futures in
Windows
> Server 2003 R2 and new replication - may be this is the answer:

You're better off than me there. I had the new features demo'ed once, but
the next day I couldn't remember most of it.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com