Can not access Active Directory Domain Services through Point-to-Site VPN


Hello community,


I'm having some trouble with my Azure deployment. I have a classic VNet (VNet1) (10.0.0.0/16) with Active Directory Domain Services on subnet 1 (10.0.0.0/23) and a VNet (VNet2) in Azure Portal with a Windows 2016 Virtual Machine (10.1.0.0/16). VNet2 in Azure Portal has a subnet (10.1.0.0/23) and a gateway subnet (10.1.2.0/24). Peering is set up between VNet1 and VNet2 and connected. I also have a Virtual Network Gateway set up for the Point-to-Site connections with an address pool of 10.2.0.0/24, and I created the root certificates for the VPN client download.


I can add the Virtual Machine (10.1.0.4) to the domain, but I cannot add the computer using the VPN client (10.2.0.2) to the domain. Any help or suggestions would be greatly appreciated. Thanks!

6 Replies
Hi,

Do you have DNS set up right in your VPN client net?

Best

I have set the VNet2 DNS server to be the IP address of the Active Directory Domain Services.

Hi Scott, I think the trouble can be that you are having another DNS server on the client and not all traffic is redirected through the VPN connection. Maybe you can try an S2S VPN to join the client and configure the S2S having only the DNS services in the cloud VNet1? If you are using the P2S constellation, I would set the DNS on all connections to the VNet1. But first of all, check what DNS servers are listed in the IPCONFIG of the client which is connecting through the VPN. Best, Niels
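The check Niels describes (which DNS servers the VPN client is actually using, and whether the AD DS DNS server is reachable through the tunnel) can be scripted on the client. The PowerShell below is an added example for this thread, not something any of the posters ran; the domain name `corp.example.com`, the AD DS DNS address `10.0.0.4` (somewhere in VNet1's 10.0.0.0/23 subnet, the thread gives no exact address) and the VPN adapter name pattern are assumptions to replace for your environment. It lists the per-interface DNS servers, resolves the domain's DC locator SRV record against the AD DS DNS server, and tests the ports a domain join needs; the last, commented-out line applies Niels' suggestion of pointing the VPN adapter at the VNet1 DNS server.

```powershell
# Added diagnostic example (not from the thread). Assumptions to replace:
$DomainName        = 'corp.example.com'   # hypothetical AD DS domain name
$AdDnsServer       = '10.0.0.4'           # placeholder: AD DS DNS server inside VNet1 (10.0.0.0/23)
$VpnAdapterPattern = '*VPN*'              # assumed name pattern of the P2S VPN adapter

# 1. Which DNS servers does each interface really use? (the "ipconfig" check)
Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object { $_.ServerAddresses } |
    Select-Object InterfaceAlias, InterfaceIndex, ServerAddresses |
    Format-Table -AutoSize

# 2. Locate the connected VPN adapter
$vpn = Get-NetAdapter |
    Where-Object { $_.Name -like $VpnAdapterPattern -and $_.Status -eq 'Up' } |
    Select-Object -First 1
if (-not $vpn) {
    Write-Warning "No connected VPN adapter matching '$VpnAdapterPattern'. Connect the P2S VPN first."
    return
}
"VPN adapter: $($vpn.Name) (ifIndex $($vpn.ifIndex))"

# 3. Can the DC locator record be resolved via the AD DS DNS server over the tunnel?
#    A domain join needs this SRV record; if the client's DNS points elsewhere it never finds a DC.
try {
    $srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$DomainName" -Type SRV `
                           -Server $AdDnsServer -ErrorAction Stop
    $srv | Where-Object { $_.Type -eq 'SRV' } |
        Select-Object Name, NameTarget, Port | Format-Table -AutoSize
} catch {
    Write-Warning "DC locator lookup against $AdDnsServer failed: $($_.Exception.Message)"
}

# 4. Can the client reach the DC ports a domain join uses (DNS, Kerberos, RPC, LDAP, SMB)?
foreach ($port in 53, 88, 135, 389, 445) {
    $r = Test-NetConnection -ComputerName $AdDnsServer -Port $port -WarningAction SilentlyContinue
    '{0,5}  {1}' -f $port, $(if ($r.TcpTestSucceeded) { 'open' } else { 'BLOCKED' })
}

# 5. (Optional) Point the VPN adapter at the AD DS DNS server, as Niels suggests.
#    Uncomment to apply; needs an elevated prompt.
# Set-DnsClientServerAddress -InterfaceIndex $vpn.ifIndex -ServerAddresses $AdDnsServer
```

Run it from the VPN client while the Point-to-Site tunnel is up. If step 1 shows only the ISP or home-router DNS on the VPN adapter, or step 3 fails while step 4 shows port 53 open, the symptom is the DNS mismatch Niels describes rather than a routing or NSG problem; if the ports in step 4 are blocked, look at the peering and NSG rules between the 10.2.0.0/24 client pool and VNet1 instead.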

Hi Scott


What is the reasoning behind using 2 VNETs? If you are just creating a tunnel between the sites anyway, you could have had both those subnets in the same VNET and used NSGs to specify how they could talk to each other.


The VPN service adds costs to your deployment.

Thanks. I will try this and let you know.

I'm using Active Directory Domain Services, which can only be enabled in the classic VNet, and I want to create instances in the new Azure Portal, planning for the future. They are planning to have this feature in the new portal eventually.


https://docs.microsoft.com/en-us/azure/active-directory-domain-services/active-directory-ds-faqs