RRAS DNS Issue

Gegg-8342 1 Reputation point
2020-10-27T07:36:37.093+00:00

We have a 2016 Essentials server at site A with a second DC and a file server at site B. The two sites are joined by a site-to-site VPN and everything appears to be functioning normally, with the exception of the users that VPN in from remote locations.

Users that VPN in to site A (the essentials server) are unable to access resources at site B.

I can make this work by ticking the "Use Default Gateway on Remote Network" option but this of course routes all traffic over the VPN making other things very slow and using resources at Site A.

I can also make it work by using PowerShell to add a route to the VPN with this: Add-VpnConnectionRoute -ConnectionName 'VPN Name' -DestinationPrefix Site B Subnet here /24, but this means I would have to manually add this on all the remote machines and if anything changed I would have to manually change it!

I've used tracert to figure out that the issue is that the RRAS DNS issued to the VPN connection does not seem to know about the second DC at Site B but I can't see how to fix this?

Any help would be appreciated.

Thanks

Geoff


4 answers

  1. Gloria Gu 3,901 Reputation points
    2020-10-28T08:04:20.41+00:00

    @GeoffAukett-8342 Hi,

    Thank you for posting in Q&A!

    Can you please post the Network topology diagram of your whole environment structure? It will help us understand your environment more clearly.

    Does site A have two RAS servers, one for the remote PCs to connect to, and another used as the site-to-site VPN server?

    Hope you have a nice day!
    Gloria


  2. Gegg-8342 1 Reputation point
    2020-10-29T08:35:53.987+00:00

    Hi Gloria,

    Site A (W2016 Essentials Server)--------Draytek Router--------Site to Site VPN----------DrayTek Router-----------Site B (W2019 DC and W2019 File and Print Server)

    Users on local LAN at Site A and Site B can access all resources at both sites.

    Users only VPN into Site A and can access all resources at Site A but cannot get access to shared resources at Site B

    If I use Add-VpnConnectionRoute -ConnectionName 'VPN Name' -DestinationPrefix Site B Subnet then VPN users can access all resources at both sites.

    If this is what I have to do to make this work then I guess I'll have to live with it, it just seems so inelegant!

    Thanks

    Geoff


  3. Gegg-8342 1 Reputation point
    2020-11-04T07:17:56.443+00:00

    Hello, is there anybody there??


  4. Gegg-8342 1 Reputation point
    2021-01-11T12:40:22.913+00:00

    While no one seems to be able to answer this, I think that my solution above is correct and the reason is explained here :- how-to-add-persistent-route-for-2-vpn-connections-when-interface-varies+

    Thanks

    Geoff
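
The per-client route workaround described in the posts above can be scripted so the list of routed subnets lives in one place and each remote machine is reconciled against it; this is an added example, not part of the original thread. 'VPN Name' is the connection name as written in the posts, and 192.0.2.0/24 is a constructed placeholder for the Site B subnet.

```powershell
# Added example, not from the original thread.
# Reconciles the split-tunnel routes on one VPN connection against a wanted list.
# Assumptions: 'VPN Name' is the connection name used in the posts;
# 192.0.2.0/24 is a constructed placeholder for the Site B subnet.
param(
    [string]   $ConnectionName = 'VPN Name',
    [string[]] $WantedPrefixes = @('192.0.2.0/24'),
    [switch]   $AllUserConnection   # set when the connection lives in the all-users phone book
)

$common = @{ ErrorAction = 'Stop' }
if ($AllUserConnection) { $common.AllUserConnection = $true }

# Fails loudly if the connection does not exist on this machine.
$vpn = Get-VpnConnection -Name $ConnectionName @common

# Per-connection routes only matter when "Use default gateway on remote
# network" is unticked, which is what SplitTunneling = True reports.
if (-not $vpn.SplitTunneling) {
    Write-Warning "Split tunneling is off on '$ConnectionName'; all traffic already goes through the VPN."
}

# Prefixes currently attached to the connection (empty array when none).
$current = @($vpn.Routes | ForEach-Object { $_.DestinationPrefix })

# Add wanted prefixes that are missing, so re-running the script is harmless.
foreach ($prefix in @($WantedPrefixes | Where-Object { $_ -notin $current })) {
    Add-VpnConnectionRoute -ConnectionName $ConnectionName -DestinationPrefix $prefix @common
    Write-Output "Added   $prefix"
}

# Remove prefixes that are no longer wanted, so a subnet change at Site B
# does not leave a stale route sending traffic into the tunnel.
foreach ($prefix in @($current | Where-Object { $_ -notin $WantedPrefixes })) {
    Remove-VpnConnectionRoute -ConnectionName $ConnectionName -DestinationPrefix $prefix @common
    Write-Output "Removed $prefix"
}
```

The script treats `$WantedPrefixes` as the authoritative list, so any route added to the connection by hand is removed on the next run.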

