Windows Vista logging to Windows domain over OpenVPN

Discussion in 'Networking & Internet' started by xfirestorm, Oct 20, 2009.

  1. xfirestorm

    xfirestorm

    Joined:
    Oct 20, 2009
    Messages:
    2
    Likes Received:
    0
    Hello,



    here's a situation. I have a Win2k8 Server acting as a domain and file server(DNS also). On it, I've installed and configured OpenVPN Server, so now, the server has 2 local IPs.

    Local LAN IP: 192.168.1.254

    VPN LAN IP: 10.8.0.1

    And then I have some remote machines, some running WinXP some WinVista.

    On WinXP I downloaded OpenVPN, configured it, started as service, connected to VPN server like should, joined a domain, rebooted, logged in, everythings working.



    But then I came across WinVista remote machine, followed the same procedure, installed OpenVPN, configured, started as service, it connected to VPN Server and so far everything has been ok. The trouble started when I tried joining a domain, no matter what I tried(googled half the web) and nothings seems to do the trick. I simply can't connect to the domain, using the domain name, it replies with error that it can't handle the operation.



    The VPN is pushing it self as WINS and DNS server, which is ok, if I nslookup server.domain.local it resolves to both IPs, 10.8.0.1 and 192.168.1254, with VPN LAN IP being on top. Which is ok, same happens on WinXP machine.

    So I was kinda frustrated there, as the resolving seemed ok. So instead of just resolving, I tried pinging. First on WinXP:

    ping server.domain.local

    resolves to 10.8.0.1 and ping goes through just fine.

    Next WinVista:

    ping server.domain.local

    resolves to 192.168.1.254 and ping goes nowhere. :O

    Although if I ping 10.8.0.1 it works.

    So I think...well...I know that the problem is right here, because WinVista uses the Local LAN IP instead of the VPN LAN IP.

    Which is perfectly clear to me, and I've been searching everywhere to convince Vista to use the VPN LAN IP instead and...no dice.

    I've even edited systemroot\system32\driver\etc\hosts file and added:

    10.8.0.1 domain.local

    10.8.0.1 server

    10.8.0.1 server.domain.local

    Then tried pinging in same order, first two resolved to VPN IP just like it should, but when I tried to ping server.domain.local the resolve was wrong(Local LAN IP) again.

    So now I'm kinda lost :S



    HALP!? :hehe:



    Best regards,

    Thomas
     
    xfirestorm, Oct 20, 2009
    #1
    1. Advertisements

  2. xfirestorm

    xfirestorm

    Joined:
    Oct 20, 2009
    Messages:
    2
    Likes Received:
    0
    EUREKA!



    I've done it, finally.

    The problem was within Kernel Routing Table. More specifically in the "metric" setting.

    WinVista assigns a lower metric to the connection which has the shortest route to target. And when using multiple connections it uses the connection with the lowest metric.

    So basically what this means is that if you have let's say 1 LAN and 1 WLAN. Your internet connection speed over your LAN is 20mbps and your internet connection speed over your WLAN is 10mbps, and you connect both of them to your computer, vista will prefer LAN, because it's faster(has a shorter route), but if you want to force it to use WLAN, just change the LAN metric to let's say 20, and your WLAN metric to 10.(same goes with VPN)

    To fix the metric you need to go to connection properties, and from there go to TCP/IPv4 properties, click on Advanced and manually input metrics for all connection.
     
    xfirestorm, Oct 24, 2009
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.