  1. #1
    Newbie
    Join Date
    Dec 2020
    Posts
    2

    Untangle IPSEC VPN tunnel cannot join the domain

    As the title says, I have created an IPSEC VPN tunnel between my Home and a dedicated server. The dedicated has 2 IPs and from there, I created a VM and assigned the IP to it. I have a working tunnel and I can ping hostnames of the servers and DCs, but I cannot join the Windows 10 VM. (DCs are located at site A)

    Site A (Home Network) has an internal network of 172.16.0.0/16 and site B has a network of 192.168.37.0/24. The error when trying to join the domain is, "Name resolution for the name _ldap._tcp.dc._msdcs. timed out after none of the configured DNS servers responded." The DNS server is the Untangle VM and when I try to use the DCs in the DNS settings, nothing works.

    How can I get this to work?

    Thanks
    Last edited by sir asvald; 12-02-2020 at 09:49 AM.

  2. #2
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,228

    That's DNS not working, or the AD supporting DNS is broken.

    Assuming the not working client is using Untangle, you need to configure that Untangle to use the AD supporting DNS server for the domain in question so those MSDCS records resolve.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  3. #3
    Newbie
    Join Date
    Dec 2020
    Posts
    2

    The VM is using Untangle as the router and it is the DHCP server. How do I configure Untangle to work with AD?

  4. #4
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,228

    Config -> Network -> DNS

    The right side says Domain DNS Servers, add an entry there for the AD supporting DNS domain, and put in the IP address of an AD supporting DNS server in the server column.

    That will force Untangle to use the AD DNS server to resolve AD DNS names; it will also mean all devices on your remote network will be able to resolve AD names.

    Alternately, if that VM is the only domain asset on the network, and you want to keep everything else separate, you'd simply configure the DNS on that VM statically to use the above, along with an appropriate DNS suffix. Your call, based on what you're trying to do.

    One more thing: assuming you perform the DNS change on Untangle, it's very likely your DNS suffix on the VM is for the local network and not AD. Due to this, you'll need to use the long DNS name of your domain for it to find it. However, once joined, the client will have a permanent DNS suffix to enable use of short names.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com
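
A check for the fix described in this thread, added as an example and not posted by anyone in it: run from the Windows 10 VM, it asks each DNS server for the `_ldap._tcp.dc._msdcs` SRV record that the join error names, then tests TCP reachability of every domain controller returned. The domain name and both server addresses are placeholders assumed for illustration; the thread does not give them.

```powershell
# Assumed placeholders: none of these values come from the thread; replace them.
$Domain     = 'corp.example.test'              # full (long) AD DNS domain name
$DnsServers = [ordered]@{
    'Untangle (site B)' = '192.168.37.1'       # constructed address in 192.168.37.0/24
    'AD DNS (site A)'   = '172.16.0.10'        # constructed address in 172.16.0.0/16
}
# The DC locator record the domain join looks up.
$SrvName = "_ldap._tcp.dc._msdcs.$Domain"

foreach ($entry in $DnsServers.GetEnumerator()) {
    Write-Host "`n== $($entry.Key) [$($entry.Value)] =="
    try {
        # -DnsOnly skips LLMNR/NetBIOS so only the named DNS server is tested.
        $answers = Resolve-DnsName -Name $SrvName -Type SRV -Server $entry.Value `
                                   -DnsOnly -ErrorAction Stop
    } catch {
        Write-Warning "SRV lookup failed via $($entry.Value): $($_.Exception.Message)"
        continue
    }

    foreach ($rec in ($answers | Where-Object { $_.Type -eq 'SRV' })) {
        # Resolve the DC host name through the same server, then test the LDAP port
        # advertised in the SRV record across the tunnel.
        $ip = (Resolve-DnsName -Name $rec.NameTarget -Type A -Server $entry.Value `
                               -DnsOnly -ErrorAction SilentlyContinue |
               Where-Object { $_.Type -eq 'A' } |
               Select-Object -First 1).IPAddress
        $reachable = $false
        if ($ip) {
            $reachable = Test-NetConnection -ComputerName $ip -Port $rec.Port `
                             -InformationLevel Quiet -WarningAction SilentlyContinue
        }
        [pscustomobject]@{
            Via          = $entry.Key
            DC           = $rec.NameTarget
            Port         = $rec.Port
            Address      = $ip
            TcpReachable = $reachable
        }
    }
}
```

A lookup that fails through Untangle but succeeds when sent straight to the AD DNS server points at the missing Domain DNS Servers entry; a lookup that succeeds with `TcpReachable` false points at the tunnel or firewall rather than DNS.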
