1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Requirements to map drive over VPN

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by soslink, Feb 6, 2007.

  1. soslink

    soslink LI Guru Member

    We are getting ready to set up a Site-to-Site (Router-to-Router) VPN using (2) RV042 routers. Both sites have Static IPs. The Main Office(MO) we need to connect to is running Windows 2003 Server with XP desktops using a domain and have Static LAN IP addresses using 10.10.10.xxx. The Remote Office (RO) we are connecting from only has XP desktops in a peer-to-peer network and are the RV042 is a DHCP Server giving 192.168.1.x addresses.

    Once a desktop from the RO connects to the MO, we want to map a network drive to a shared folder on the Server.

    We have these questions:

    1. Does the RO Workgroup name have to match the Domain name at the MO?

    2. Do the users and computers from the RO have to be added to the Domain at the MO?

    3. Can more than one desktop from the RO connect to the MO at the same
    time - do you have to setup a separate tunnel for each desktop at the RO to the router at the MO?

    4. From Start>Run, what is the command to map a network drive to the
    MO? Why can't it just be done the normal way...?

    5. Will we be able to view systems in Network Neighborhood -- from both
    places?

    Thanks
     
  2. pablito

    pablito Network Guru Member

    You can do all the things you ask once the VPN is up. But your questions are about Windows setup and routing in general. Once the VPN is up it becomes transparent to the users and behaves like any other WAN/routing situation.

    A few tips:
    One VPN tunnel will serve everyone on the specified tunnel subnets.
    In your DHCP server set WINS (at the HO?) to all the users.
    If you want domain authentication then yes, join the remote machines to the domain.
    You don't need or want NetBios over the VPN
     
  3. YeOldeStonecat

    YeOldeStonecat Network Guru Member

    Clients at remote office should join the domain at the main office..and use the DCs IP as their primary DNS server.
    If they haven't actually joined the active directory yet...and you need to do that at the remote site, fill in the DNS suffix info..else they'll have problems joining active directory properly...but once joined...using DNS only will resolve fine.
     
  4. DocLarge

    DocLarge Super Moderator Staff Member Member

    If you're looking for a "drilled down" procedure to follow, then here's what I guess you're looking for (This should help to illustrate how to map drives once users via vpn tunnel or client):
    --------------------------------------------------------------------------
    ONCE YOU GET CONNECTED:

    Once you’ve made the connection and you want to connect to a shared resource that you have rights to from a remote location, on the "client" computer, open up windows explorer and click on "tools," then “map a network drive.” After clicking on that, choose a driver letter and type the ip address of a computer you have rights to on that network. You would type the following: \\192.168.1.10\sharename

    Where you see sharename would be where you would substitute the name of a folder you have share permissions to access (i.e., \\192.168.1.10\vpn).

    Before you click finish, click on “connect as different user” because in order to connect, that local machine needs to have a "username and password" created on it so it recognizes who you are. When you click this link, you’ll be asked to type in a username and password that has access rights. Click O.K., then click finish. The shared resource you have been given access to should pop up! If the account you’re connecting to has the permissions set properly, you’re all good now!

    NOTE: If you are part of a workgroup, you'll need to create the "same" user account on "each" computer in order to access the machine remotely. If you are part of a domain, make sure that your "domain user account" is part of a "domain group" that each network workstation/server's local group accounts will recognize based on active directories "single sign on" functionality.

    -------------------------------------------------------------------------

    Jay
     

Share This Page