From Ciaran Kenny @CiaranJKenny
Back in the SBS 2003 days multiple subnets, most commonly to allow for site-to-site hardware VPNs, caused a bit of a problem when using the SBS 2003 ConnectComputer Wizard. In the case of SBS 2003 the reason for this was that the IIS ConnectComputer sub site had a default restriction to only allow connections from the subnet in which the SBS server was installed. To cater for additional sites/subnets you would add the relevant subnets to the ‘access granted’ list of subnets and - job done.
Like everything else, things are a little different with SBS 2008. There don’t seem to be any subnet restrictions on the ‘Connect’ sub site. Or, if there, I can’t see them anywhere. But when you try to run Connect from a VPN connected site using a different subnet you will find that you get a page cannot be displayed error. So you can then spend some time tearing your hair out trying to figure out how to add an extra subnet in IIS 7 – before realising that ‘Page Cannot Be Displayed’ is obviously a name resolution error.
Usually for a small branch office subnet without its own server you are going to set the IP addressing information manually on each PC – with the main office SBS server as the DNS server etc. (not DHCP of course)
The problem is that, without knowing what domain to add to a host name, the PC in the branch office has no way of resolving what it sees as a single host name – 'Connect'.
So, the key is to add the internal domain name as a dns suffix to the IP configuration of the network cards of the PCs in the branch office. This is a good idea anyway and will make your network run more smoothly.
Using connect.domain.local doesn’t work as this will send an http request with the wrong header information.
If anyone knows a better way do please let me know (apart from having a Windows DHCP server in the 2nd subnet).
No comments:
Post a Comment