On 11/6, I got a Mikrotik CCR1009-7G-1C-1S+ to replace my very old m0n0wall firewall device, and since then my domain has had these problems:
1, Remote desktop is very slow, stuck at “Applying user settings”;
2, Hyper-V Manager opens a VM very slowly, stuck at “Connect to xxx”;
3, Can’t join the domain, message: “the network path was not found”
4, Can’t access the domain, and many other weird issues.
So, do I need to set up anything in IP-firewall? Right now I have just set up these 2 rules for VPN:
input, tcp, 1723
input, gre
Are these issues happening on the LAN? (AD and workstations on same LAN)
If you did not turn off DHCP on the Mikrotik, then your MS DHCP server will disable itself and allow the Mikrotik to give out IPs (and the default DNS).
On a workstation you can’t join to the domain, go to command prompt.
nslookup
set type=all
_ldap._tcp.dc._msdcs.Domain_Name (replace Domain_Name with your domain name)
Does it resolve and tell you where to find the domain controller? Usually it specifies the FQDN of a DC.
ipconfig /all
What does it say for DNS server? It must be the server with Microsoft DHCP running and managing the DNS for the Active Directory.
This is your problem. You should use the MS DHCP. It will register your workstations in the DNS. Use the services that the AD provides. (DHCP, DNS, WINS)
Okay, I got this. I just enabled the DHCP feature on the AD domain server.
I’ll keep this, thanks.
By the way, before this I was using m0n0wall, which has a DHCP server too, not any MS DHCP server, and it worked fine.
The Mikrotik can still be the DHCP server, but it would have to give out the IP of the MS DNS server. Your previous router must’ve had some support for SRV records, whereas Mikrotik offers only basic DNS functionality.
In a Windows Domain network, it’s common for the MS Server to be DHCP and DNS.
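The two checks from the thread (which DNS server the workstation was handed, and whether that server answers the domain controller SRV lookup) combined into one PowerShell script. This is an added example, not code from any poster; the domain name `corp.example.com` is a placeholder assumption to replace with your own AD DNS domain.

```powershell
# Added example (not from the thread): test every DNS server configured on this
# workstation against the AD domain-controller locator SRV record.
param(
    # Assumption: placeholder AD DNS domain name, replace with your own.
    [string]$DomainName = 'corp.example.com'
)

# Same record the thread queries with nslookup.
$srvName = "_ldap._tcp.dc._msdcs.$DomainName"

# DNS servers in use on IPv4 interfaces (the "DNS Servers" lines of ipconfig /all).
$dnsServers = Get-DnsClientServerAddress -AddressFamily IPv4 |
    ForEach-Object { $_.ServerAddresses } |
    Sort-Object -Unique

if (-not $dnsServers) {
    Write-Warning 'No IPv4 DNS servers are configured on this machine.'
    return
}

$results = foreach ($server in $dnsServers) {
    try {
        # -DnsOnly skips LLMNR/NetBIOS so only the DNS server's answer counts.
        $srv = Resolve-DnsName -Name $srvName -Type SRV -Server $server `
                   -DnsOnly -ErrorAction Stop |
               Where-Object { $_.Type -eq 'SRV' }
        [pscustomobject]@{
            DnsServer = $server
            FindsDC   = [bool]$srv
            Detail    = ($srv.NameTarget | Sort-Object -Unique) -join ', '
        }
    } catch {
        # NXDOMAIN, timeout or refusal: this resolver cannot locate a DC.
        [pscustomobject]@{
            DnsServer = $server
            FindsDC   = $false
            Detail    = $_.Exception.Message
        }
    }
}

$results | Format-Table -AutoSize

# A resolver that cannot answer the SRV query (for example the router's own
# DNS cache) is the one to replace in the DHCP scope options.
$results | Where-Object { -not $_.FindsDC } | ForEach-Object {
    Write-Warning "$($_.DnsServer) does not resolve $srvName; point clients at the AD DNS server instead."
}
```

Run it on an affected workstation before and after changing the DNS server handed out by DHCP; every listed server should show `FindsDC` as `True` with a domain controller FQDN in `Detail`.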