Group Policy and VPNs
-
We have the problem with Pertino that while nearly everything works, it is 'borking' DNS is a manner that things like MS Outlook can't find Office365.
And the native MS Windows VPN gets borked and won't connect to an ERL from time to time, forcing the user back to Pertino
-
@gjacobse said in Group Policy and VPNs:
We have the problem with Pertino that while nearly everything works, it is 'borking' DNS is a manner that things like MS Outlook can't find Office365.
Is that because of the AD Connector?
-
SDN and internal DNS seems to be the problem. If one could go completely to an external DNS, that might help, but you're still having two IPs on everything, both a physical NIC/VM and the SDN NIC.
-
What is AD Connector? This is not something I am familiar with. Where would it be located?
-
@gjacobse said in Group Policy and VPNs:
What is AD Connector? This is not something I am familiar with. Where would it be located?
It was an thing you could buy from Pertino that fixed DNS issues with AD.
-
@gjacobse said in Group Policy and VPNs:
What is AD Connector? This is not something I am familiar with. Where would it be located?
It's the piece of Pertino that you have to pay extra for in order to get AD to work correctly with Pertino. You can tell if you have it because it should be listed as one of the add ons in the console. Also, if AD servers are set up in Pertino, that's the functionality that allows that to happen. It allows you to select up to three AD servers that will be defined by and controlled by Pertino.
-
@Dashrender said in Group Policy and VPNs:
SDN and internal DNS seems to be the problem. If one could go completely to an external DNS, that might help, but you're still having two IPs on everything, both a physical NIC/VM and the SDN NIC.
The theory of an overlay SDN is that every device has the SDN IP and should use only that.
-
Well from this - it would appear that it should be available.
-
Available, but is it being used properly?
-
We use Cisco Any Connect that authenticates against AD, but is not tied to any kind of GPS and it works for us just fine. Except for deployment, I see no need in using GPS.
If we use GPS for anything, it's with RADIUS for our wireless network. That works in one location but not the other. And this is only because both locations have different wireless systems and in how each system implements RADIUS and authenticates a laptop against an OU.
