1. Welcome Guest! In order to create a new topic or reply to an existing one, you must register first. It is easy and free. Click here to sign up now!.
    Dismiss Notice

Inter-Site AD replication using Server 2003 via the Internet

Discussion in 'Windows Home Server' started by Help me, Aug 12, 2009.

  1. Help me

    Help me Guest

    I have 2 physical sites which are both in the same domain which I can connect
    via a vpn. Both sites servers have static IP address. One site is the GC,
    FMO the other is a backup domain controller. The intranet IP scopes are
    192.168.0.x and 192.168.255.x.

    Where can I find documentation how to configure the DNS, and AD Site
    settings to be abile do to FRS and AD replication across the internet with
    out using a vpn.

    Thanks
     
    Help me, Aug 12, 2009
    #1
  3. Ace Fekay [MCT]

    Ace Fekay [MCT] Guest

    "Help me" <Helpme@discussions.microsoft.com> wrote in message
    news:26A9E5A6-E0D9-4FCD-A559-BED7C3EDF300@microsoft.com...<!--coloro:blue--><span style="color:blue <!--/coloro-->
    >I have 2 physical sites which are both in the same domain which I can
    >connect
    > via a vpn. Both sites servers have static IP address. One site is the
    > GC,
    > FMO the other is a backup domain controller. The intranet IP scopes are
    > 192.168.0.x and 192.168.255.x.
    >
    > Where can I find documentation how to configure the DNS, and AD Site
    > settings to be abile do to FRS and AD replication across the internet with
    > out using a vpn.
    >
    > Thanks
    ><!--colorc--><!--/colorc-->


    Without a VPN? That is rather difficult, or actually easy, whichever way you
    want to look at it. It requires 29+ ports opened, plus the Service response
    ports, which are the whol range of UDP 1024 and above to encompass Windows
    2003 and Windows 2008 response ports. This is also referred to as
    'Swiss-cheesing my firewall."

    You could create a wide open rule between the two firewalls of your two
    locations, however this is NOT recommended.

    If that is what you want to do, I don't recommend it. I wouldn't want my
    data to be flying across some insecure, dark back alley where someone can
    intercept the traffic and pull all the data out, and find out everything
    about my company. I would rather seal it in a tightly locked container with
    a lock, key and a secret password, then send it across the alley, and the
    guys on the other side of the alley know how to open container with our
    pre-agreed lock, key and secret, hence what a VPN does.


    --
    Ace

    This posting is provided "AS-IS" with no warranties or guarantees and
    confers no rights.

    Please reply back to the newsgroup or forum to benefit from collaboration
    among responding engineers, and to help others benefit from your resolution.

    Ace Fekay, MCT, MCTS Exchange, MCSE, MCSA 2003 & 2000, MCSA Messaging
    Microsoft Certified Trainer

    For urgent issues, please contact Microsoft PSS directly. Please check
    for regional support phone numbers.
     
    Ace Fekay [MCT], Aug 12, 2009
    #2
  4. Meinolf Weber [MVP-DS]

    Meinolf Weber [MVP-DS] Guest

    Hello Help,

    Keep the VPN connection or another reliable one over internet with routers.
    That's the correct way for a production envrionment, you have to make sure
    replication wokrs correct.

    Best regards

    Meinolf Weber
    Disclaimer: This posting is provided "AS IS" with no warranties, and confers
    no rights.
    ** Please do NOT email, only reply to Newsgroups
    ** HELP us help YOU!!!

    <!--coloro:blue--><span style="color:blue <!--/coloro-->
    > I have 2 physical sites which are both in the same domain which I can
    > connect via a vpn. Both sites servers have static IP address. One
    > site is the GC, FMO the other is a backup domain controller. The
    > intranet IP scopes are 192.168.0.x and 192.168.255.x.
    >
    > Where can I find documentation how to configure the DNS, and AD Site
    > settings to be abile do to FRS and AD replication across the internet
    > with out using a vpn.
    >
    > Thanks
    > <!--colorc--><!--/colorc-->
     
    Meinolf Weber [MVP-DS], Aug 13, 2009
    #3
  5. Bill Grant

    Bill Grant Guest

    I have to agree with Ace and Meinolf. My first reaction when I read your
    post was "Don't even think of doing that!"

    "Meinolf Weber [MVP-DS]" <meiweb(nospam)@gmx.de> wrote in message
    news:ff16fb662d3138cbea0898573dfc@msnews.microsoft.com...<!--coloro:blue--><span style="color:blue <!--/coloro-->
    > Hello Help,
    >
    > Keep the VPN connection or another reliable one over internet with
    > routers. That's the correct way for a production envrionment, you have to
    > make sure replication wokrs correct.
    >
    > Best regards
    >
    > Meinolf Weber
    > Disclaimer: This posting is provided "AS IS" with no warranties, and
    > confers no rights.
    > ** Please do NOT email, only reply to Newsgroups
    > ** HELP us help YOU!!!
    ><!--coloro:green--><span style="color:green <!--/coloro-->
    >> I have 2 physical sites which are both in the same domain which I can
    >> connect via a vpn. Both sites servers have static IP address. One
    >> site is the GC, FMO the other is a backup domain controller. The
    >> intranet IP scopes are 192.168.0.x and 192.168.255.x.
    >>
    >> Where can I find documentation how to configure the DNS, and AD Site
    >> settings to be abile do to FRS and AD replication across the internet
    >> with out using a vpn.
    >>
    >> Thanks
    >><!--colorc--><!--/colorc-->
    >
    > <!--colorc--><!--/colorc-->
     
    Bill Grant, Aug 13, 2009
    #4

Share This Page