  1. Hi There,

    I got 1 domain , 2 servers , the servers are configured with isaserver 2000.
    The servers are connected over a vpn link.. The prim.domain
    controller( is on 1 site of the link.
    Secondary controller( on the other site.

    The problem is on the internal network on the remote location.
    when the clients connect to a share wich is on the local server( the network
    of the remote site) it is very slow.
    At first I thought i had to do with the browser service , but also when I
    connect to the server with "\share" sometimes it takes about 30
    seconds for the share to open. But when i connect from the remote site to a
    share located on the mainserver with " servername\share " the share does
    open very quicly .. And that one goes over the vpn link. Dns on both sites
    of the link is working properly.

    Anyone has an idea what is going wrong ?

    Perry Perdijk, Oct 3, 2005
  2. Perry Perdijk

    Ian Guest

    Does name resolution occur the same way at both sites? do both sites
    have wins and dns servers with the same info or are you broadcasting
    requests across the subnets for name resolution?

    If you are relying on broadcast for 1 site then this could be the issue.


    Are you using the domain controllers as VPN Servers? How many network
    cards do they have installed? What IP addresses for the Domain
    Controllers appear in Wins / DNS

    Ian, Oct 3, 2005
  3. Does name resolution occur the same way at both sites? do both sites
    Do i need wins on the servers?
    I have dnsservers running on both domaincontrollers. On the prim.
    domaincontroller and secondary dns on the sec.domaincontroller.
    Dns seem to be working fine on both site's.
    I do run the domaincontrollers as vpnservers. They both have 2 nic's
    installed, on internal (192.168.x.x) and 1 external (
    Both servers got isa2000 installed.
    Both dnsservers are listening on only the internal ipadres.

    Thx for your help so far...

    Main question about your comment, do i need to install winsservers for this
    type of configuration?

    Perry Perdijk, Oct 3, 2005
  4. Perry Perdijk

    Bill Grant Guest

    Yes, you need WINS. Browsing uses Netbios names and LAN broadcasts. The
    only effective way to get in working in a WAN or a routed network is with
    WINS. Without WINS there is no way that the Domain Master Browser can find
    the master browser in the other segment to build a network-wide browse list.

    You can use one WINS server for the combined network. If you set up a
    WINS server at each site, make sure that they replicate.
    Bill Grant, Oct 4, 2005
  5. Perry,
    I don’t think it's a master browser or wins problem.
    Could be that it is getting the ACLs from your server over the VPN.
    Do you have a site link between them?
    Wendel Hamilton, Oct 4, 2005
  6. Hi There,

    I dont know exaclty if I have a site link .I thougth windows did that
    If i look in AD sites en services I see " default first sitename" under
    that i see the 2 servers .
    If i look in " inter-site-transport" then under "IP" I see
    If i look in "subnet's" There is nothing there.

    I'm not a sitelink expert so any idea's are more then welcome.


    Perry Perdijk, Oct 4, 2005
  7. Wendel Hamilton, Oct 4, 2005
  8. Perry Perdijk

    Bill Grant Guest

    Hi Wendel,

    Two sites assigned to two different subnets would certainly be an
    improvement! But I don't think it would solve the slow browsing. If a share
    in the "other" site opens faster than a local one, I agree with Ian that it
    is probably a master browser problem. I looks like there is not a
    network-wide browse list. The other alternative would be to use Dfs.

    And there is still the worry of DCs as routers.
    Bill Grant, Oct 5, 2005
  9. Normally I would agree but he can’t connect to shares using the IP address of
    the server and thus the master browser should be bypassed.
    My reasoning that the remote server opens shares quickly as it is looking up
    the ACLs on its local network where the remote server is probably connecting
    through the VPN to get the ACLs from the other server.
    It was only a suggestion.
    He should defiantly set up WINS correctly or configure all his computers to
    use DNS and remove NetBIOS over TCPIP. Any way I hope one of us can resolve
    his issue.
    Wendel Hamilton, Oct 5, 2005
  10. Perry Perdijk

    Ian Guest

    Sorry for my absence - I always forget to check my posts outside of the
    ..general board!!

    Think we have all raised valid points

    * Sites, Site Links and subnets need to be configured so that
    workstations have the ability to figure our which DC they should be using!

    * Wins needs to be setup for netbios to be able to work properly (Even
    if you are accessing the resource via IP!!)

    I'm pretty sure that the OP's problems will disappear when this has been

    Ian, Oct 5, 2005
  11. Perry Perdijk

    Perry Guest

    Thx everyone for your thoughts..
    Yesterday i have set up the site stuff.. I now got 2 site´s , 2 subnet´s
    linked to it.
    I got 1 dedaultipsitelink .
    So I think i have set it up correctly, not sure what to do with the `smtp`
    fiolder under intersite transports.
    Also I have set up a wins server on both of the domaincontroller´s, the only
    thing is the clients have static ipadresses
    so I have to wait for the weekend to change that.Bcause i am not on that
    location before the weekend.
    I didnt speak with persons from the remote site to ask if the `site´ thing
    did the job.

    Perry, Oct 5, 2005
  12. Perry Perdijk

    Perry Guest

    Thx guys,
    The site thing and the Wins server did the trick.
    Actuele , I think the Wins server did it.

    Thx everyone, this one was very : "learnfull"
    Perry, Oct 12, 2005
