Hello
I have set up a site-to-site VPN using Astaro boxes on either side. I can ping through the VPN both ways and it seems to be working great. On one side of the VPN I have a DC that I want to add a computer to from the other side of the VPN. I can ping the DC and resolve its hostname (ad1.mydomain.pri), and when I go to join the domain it finds it and asks me to enter a user with the proper rights to join the domain, which I have. I have set up the DNS on the client computer to point to the DC/DNS servers on the other side of the VPN. After I enter my user/pass to join the domain it fails with the following error:
The following error occurred attempting to join the domain "mydomain.pri"
The service did not respond to the start or control request in a timely fashion
Does anyone have any experience setting this up? The VPN link seems quite fast and stable, so maybe this is still a DNS issue? I also read something about broadcast packets not being forwarded through the VPN that could also cause this, but I am not sure.
Any help would be great.
-Colin
UPDATE: I just read something about the MTU size having to be adjusted to deal properly with the VPN communication... Anyone know anything about this? Or is it another dead end?
UPDATE 2: I changed the default MTU to 1350 for the Ethernet interface and was able to join the domain on the other side of the VPN! Good stuff, I should think this would be more documented though :/ This also resolved a side issue I had where I could not TS over the VPN to a server on the other side (I assume TS was also sending packets larger than the MTU would deal with over the VPN). This also explains why ping etc. would work.
I was also able to promote the newly added server to a domain controller, so there is a shared domain across the VPN with DCs on either side.
Maybe this will help someone else with similar issues in the future, cause it sure stumped me!
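
Added example, not part of the original post: a PowerShell sketch that measures the largest unfragmented packet the tunnel will carry to the DC, instead of guessing a value such as 1350. A default Windows ping carries only a 32-byte payload, which is why it succeeds while larger domain-join and TS packets are dropped. The adapter name `Ethernet` and the 548-byte search floor are assumptions; `ad1.mydomain.pri` is the DC hostname from the post.

```powershell
# Assumptions: $Target is the DC named in the post; $Interface is a placeholder
# for the local adapter (list names with: netsh interface ipv4 show subinterfaces).
$Target    = 'ad1.mydomain.pri'
$Interface = 'Ethernet'

function Test-DfPing {
    param([string]$Target, [int]$PayloadSize)
    # -f sets Don't Fragment, -l sets the ICMP payload size, -n 1 sends one echo,
    # -w 2000 waits 2 seconds. Only a genuine echo reply line contains "TTL=".
    $out = & ping.exe -n 1 -w 2000 -f -l $PayloadSize $Target 2>&1
    return [bool]($out | Select-String -SimpleMatch 'TTL=' -Quiet)
}

function Find-PathMtu {
    param([string]$Target, [int]$Low = 548, [int]$High = 1472)
    if (-not (Test-DfPing -Target $Target -PayloadSize $Low)) {
        throw "No reply from $Target at $Low bytes; check basic reachability first."
    }
    # Binary search for the largest payload that crosses the VPN with DF set.
    # A timeout and a "needs to be fragmented" error both count as failure,
    # so this also works when the ICMP error is filtered along the path.
    while ($Low -lt $High) {
        $mid = [int][math]::Ceiling(($Low + $High) / 2)
        if (Test-DfPing -Target $Target -PayloadSize $mid) { $Low = $mid }
        else { $High = $mid - 1 }
    }
    # Payload + 20-byte IPv4 header + 8-byte ICMP header = usable path MTU.
    return $Low + 28
}

$pathMtu = Find-PathMtu -Target $Target
"Largest unfragmented packet to ${Target}: $pathMtu bytes"

if ($pathMtu -lt 1500) {
    # Printed rather than executed: changing the MTU needs an elevated prompt.
    "Tunnel overhead detected. To apply the measured value on this host:"
    "  netsh interface ipv4 set subinterface `"$Interface`" mtu=$pathMtu store=persistent"
} else {
    "Path carries full 1500-byte packets; MTU is not the cause."
}
```

Run it from the client that fails to join, and prefer lowering the MTU or clamping TCP MSS on the VPN gateways where possible so every host behind the tunnel benefits.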