how DA client will access local file server in DA client subnet

Hi,

We have setup directaccess in our environment and everything is working fine except the client facing issues of slowness in accessing files from file server located in data center. This file server is used only by the users on directaccess site. We are discussing to place the server in directaccess client subnet so that client will work more efficiently.

We have configured the vpn tunnel between directaccess site and data center to manage the printers remotely. Since vpn tunnel is in place and to enable the client to use directaccess connection we have blocked the port of NLS server so that client will connect with directaccess only.

Local file server will communicate with data center on vpn tunnel.

My query is to know would client be able to communicate with local file server directly as both are in the same subnet with \\IPAddress  of local file server when client connected with directaccess. Also, if we required to access the file server with short name or fqdn does that required entry in host file of client accessing the server ?

I Think when DA client working from home the client will still access the file server and  the traffic for local file server will routed from datacenter to local file server on vpn tunnel.

Any help would be highly appreciated.





  • Edited by achievers Thursday, July 24, 2014 4:53 AM
July 24th, 2014 4:43am

Hi john,

However my concern was is this possible for directaccess client to communicate with local server directly without routing from DA server since both server and client are connected with ADSL router.

  • Edited by achievers Tuesday, August 05, 2014 6:35 AM
Free Windows Admin Tool Kit Click here and download it now
August 5th, 2014 6:34am

Hi,

Please find the my answers.

1: can able to access file server or NAS drive.

Yes, we are able to access file server. But since there was latency because the traffic was going from GDC to remote site where the server exits(DA client and file server on same site). due to latency issue we had decided to move the file server on DMVPN and mapped the drives with ip address so that client can directly access the shared folder without routing the traffic from GDC. We also mapped the shared drive with hostname so that they can access the shared folder while working from home and in this case the traffic goes through DA server

2: Can able to access shared folder, after sharing it from any system of internal network

Yes, we are able to access shared folders from server hosted in GDC and RDC. however for some server we found that SMB port 445 was blocked between DA server and file server.

3: Can able to ping IPv4 or how to use shared printer for remote DA client in windows server 2008 R2

yes, we are able to ping IPv4 of server in same subnet  where only ADSL is present. we have created VLAN's and blocked the port 443 in DMVPN from remote site to GDC server so that client will connect with DA to access internal resources. this DMVPN is also used to manage printers on remote sites.

since server and clients are on same subnet , it would be good to access  printers and shared folders on ip address of file server so that communication wouldn't go through DA server. however the same is accessible with hostname.


  • Edited by achievers Wednesday, March 25, 2015 3:36 AM
  • Proposed as answer by pwnkmr 9 hours 21 minutes ago
March 25th, 2015 3:35am

Hi,

Please find the my answers.

1: can able to access file server or NAS drive.

Yes, we are able to access file server. But since there was latency because the traffic was going from GDC to remote site where the server exits(DA client and file server on same site). due to latency issue we had decided to move the file server on DMVPN and mapped the drives with ip address so that client can directly access the shared folder without routing the traffic from GDC. We also mapped the shared drive with hostname so that they can access the shared folder while working from home and in this case the traffic goes through DA server

2: Can able to access shared folder, after sharing it from any system of internal network

Yes, we are able to access shared folders from server hosted in GDC and RDC. however for some server we found that SMB port 445 was blocked between DA server and file server.

3: Can able to ping IPv4 or how to use shared printer for remote DA client in windows server 2008 R2

yes, we are able to ping IPv4 of server in same subnet  where only ADSL is present. we have created VLAN's and blocked the port 443 in DMVPN from remote site to GDC server so that client will connect with DA to access internal resources. this DMVPN is also used to manage printers on remote sites.

since server and clients are on same subnet , it would be good to access  printers and shared folders on ip address of file server so that communication wouldn't go through DA server. however the same is accessible with hostname.


  • Edited by achievers Wednesday, March 25, 2015 3:36 AM
  • Proposed as answer by pwnkmr Wednesday, March 25, 2015 9:57 PM
Free Windows Admin Tool Kit Click here and download it now
March 25th, 2015 3:35am

Thanks achievers, for your quick reply,

1. As ans no.3 you said IPv4 is pinged by DA clients I think you are using VPN with it.

2. I am facing issue as i have shared folder on my Direct access server but my DA client is not able to access it by its host name or any other type. but through public IP DA client is being access it SO can you tell me where is the issue exist, because if folder is being accessed by public IP its mean there is 445 SMB port allowed.

3.  what is fform of DMVPN, GDC and RDC.

pls reply

March 25th, 2015 5:28pm

Hi,

As ans no.3 you said IPv4 is pinged by DA clients I think you are using VPN with it.

We are using DMVPN to manage the printer from GDC(Global Data Center) in Europe. But since file server and client are located in same remote site, they can ping with IPv4. when pinging server with netbios or fqdn, the traffic goes from DA tunnel and results in high latency.
Dynamic Multipoint Virtual Private Network (DMVPN) is a dynamic tunneling form of a virtual private network (VPN) supported on Cisco IOS-based routers

2. I am facing issue as i have shared folder on my Direct access server but my DA client is not able to access it by its host name or any other type. but through public IP DA client is being access it SO can you tell me where is the issue exist, because if folder is being accessed by public IP its mean there is 445 SMB port allowed.

If ports are open and you are able to access the folder with public IP address of DA server then this should work with hostname as well. Please try to access the folder with server name you have registered with ISP . i.e  DA.domain.com.

3.  what is fform of DMVPN, GDC and RDC.

Dynamic Multipoint Virtual Private Network (DMVPN) is a dynamic tunneling form of a virtual private network (VPN) supported on Cisco IOS-based routers
GDC:- Global Data Center
RDC:- Regional Data Center

Free Windows Admin Tool Kit Click here and download it now
March 30th, 2015 4:03am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics