Automatic Login to Active Directory via VPN

active-directory vpn

I need to connect a remote computer (physically outside of the domain) to the infrastructure at our data center, which is controlled by Active Directory. I can VPN to the data center just fine, but I want to find out how I can set up this computer to automatically connect through the VPN to the data center and then via Active Directory so that the computer is authenticated and that the logins can be processed by AD. Can Windows handle this automatically, or do I need to purchase some sort of router that will establish a VPN connection and just provide that to the computer?

FYI – The reason for this is I am setting up a remote secondary backup machine to the network at the datacenter and Microsoft DPM requires that the machine be on the AD network.

I am running Windows Server 2008 R2 SP1 on the remote machine and the VPN server and Server non-R2 on the domain controllers.

Best Answer

I'd probably be more tempted to set up a Site-to-Site VPN, and use a router to terminate the VPN connection for the external site.

Basically, this way you'd have a more stable (theoretically) VPN connection that doesn't rely on AD to authenticate. There's no reason that this would be less secure than an AD-authenticated VPN connection, but it would be a damn sight easier to set up, especially in an automatic fashion.