Artificial Posted June 1, 2011 Posted June 1, 2011 Hi! I have one computer, that i do not use and i would like to use it as a windows server for domain and VPN access. I have one desktop computer and one laptop computer and i have a couple of questions. 1. Can i have only one domain user for both computers (logged in at the same time), or do i have to create a seperate domain user for each computer? 2. At the moment i am testing the configuration. I can succesfully ping domain.net, server.domain.net, or computer1.domain.net, but I can not ping computer2.domain.net (on computer 2 it is reverse.. i can succesfuly ping domain, server and computer2, but not computer1). Why is that? 3. The computer i plan to use for server is an old P4 3.2Ghz. Will it effect speed on other computers, or will each computer be as fast as if not on domain? 4. What happens if server fails? Quote
ICTCity Posted June 1, 2011 Posted June 1, 2011 Hi! I have one computer, that i do not use and i would like to use it as a windows server for domain and VPN access. I have one desktop computer and one laptop computer and i have a couple of questions. 1. Can i have only one domain user for both computers (logged in at the same time), or do i have to create a seperate domain user for each computer? 2. At the moment i am testing the configuration. I can succesfully ping domain.net, server.domain.net, or computer1.domain.net, but I can not ping computer2.domain.net (on computer 2 it is reverse.. i can succesfuly ping domain, server and computer2, but not computer1). Why is that? 3. The computer i plan to use for server is an old P4 3.2Ghz. Will it effect speed on other computers, or will each computer be as fast as if not on domain? 4. What happens if server fails? Hi there, 1) Yes, one user can connect to multiple computer at the same time. 2) Computer 1 and 2 may have the firewall enabled, to config firewall to answer to echo request, take a look here: http://www.cam.ac.uk/cs/docs/faq/m8.html 3) This depends on how many users do you have and on how many login/s do you have. Usually, in a normal environment, a simple pc is ok. Anyway, pc's performances are not really related to domain. The only part that may slow down your PCs, is the login process, but after that, your pc will work without the DC. 4) you will be unable to login with DOMAIN accounts, only local (single pc) account will be available. Let me know if you need more help. Quote -------------------------------------------------------- Tu peux aussi crire en franais. Du kannst auch auf Deutsch schreiben. Puoi scrivere anche in italiano. --------------------------------------------------------
Artificial Posted June 1, 2011 Author Posted June 1, 2011 (edited) Thank you for quick reply. I am a student and am learning about Windows Server. About No. 1... Is this the preffered way, or should i create more users anyway? No. 2. No, this is not the case. The computers were in the same workgroup before and could ping and share files with no problem. No. 3. So, desktop, my documents, and everything is still stored locally and each computer has its own files (like if i had a local user on each computer), only permissions are shared, if i understand correctly? I will install this server at home. My plan is to have it as VPN server, so i can connect to my desktop computer from laptop when i am not at home. Another thing is my network configuration... I have two external IP addresses... one is for Server, another one is for router. Server only accesses internet trough one external IP, all other computers only from the other IP. Server is connected to switch, so it can connect to computers locally (this is already working, only without domain). I drew a picture, so it will be easier to inderstand.... . What is the best way to configure this? Also, how can i configure DNS? I already have DNS servers for my domain that i can not change, so this server will only be the DNS for subdomain.domain.net Do you suggest any other roles? Edited February 9, 2014 by AWS Quote
ICTCity Posted June 2, 2011 Posted June 2, 2011 If you have only one person, create 1 account, if you have more than one, create more accounts. This is not mandatory but if you have more people connecting to tour system is better for security purpose. yes it's like a local account in some way :). Once you add the VPN role, set the external ip and then forward traffic from your router to the server. Quote -------------------------------------------------------- Tu peux aussi crire en franais. Du kannst auch auf Deutsch schreiben. Puoi scrivere anche in italiano. --------------------------------------------------------
Artificial Posted June 4, 2011 Author Posted June 4, 2011 Why should i forward the traffic from router to the server? Quote
ICTCity Posted June 5, 2011 Posted June 5, 2011 Because the authentication server for your VPN will be behind your router. That means if you send packets via the internet to your router, it doesn't know where to send this data and it drops these packets. Quote -------------------------------------------------------- Tu peux aussi crire en franais. Du kannst auch auf Deutsch schreiben. Puoi scrivere anche in italiano. --------------------------------------------------------
Artificial Posted June 7, 2011 Author Posted June 7, 2011 Not exactly. I have two external IP addresses. The server is directly connected and behind the router at the same time... It accesses the internet trough its own connection, only LAN traffic goes trough the router (see image in my previous post). Quote
ICTCity Posted June 7, 2011 Posted June 7, 2011 Well, in this case, configure the VPN directly to the external IP of the server. Check this guide: http://www.windowsecurity.com/articles/Configuring-Windows-Server-2008-Remote-Access-SSL-VPN-Server-Part2.html Once you are able to connect using IP (from the internet), we will look at the DNS config. Quote -------------------------------------------------------- Tu peux aussi crire en franais. Du kannst auch auf Deutsch schreiben. Puoi scrivere anche in italiano. --------------------------------------------------------
Recommended Posts