VPN 5 sites together, AD questions
Posted on 2004-11-01
The company I work for has 5 sites running a mixture of ISDN and fractional T1 lines. We have created the site to site VPN tunnels between all of these places. We are running a mixture of PRO 230's, TZ170's, and PRO 2040's. This is our first attempt at this so keep that in mind : )
All 5 of these sites have their own domain controller. The domain controllers at these 5 sites all individually have unique I.P. address ranges, and each DC handles all 5 FSMO roles for just the site they are at. Nothing too complicated just the basic setup. DNS is also AD integrated at each site.
I need a user sitting behind site1 to be able to connect to a server at sites 2-5 using his or her user authentication from site1 DC.
I am now trying to create trusts between all 5 Domain Controllers. I am not sure if this is the best way to do things? In order to create trusts 2 ways between sites I needed to add each sites DNS zones into all the other sites Domain Controllers DNS. Then I must enable netbios to pass through the VPN tunnel. Then and only then can I add the trusts in AD in both directions. From what I understand this might take up a lot of bandwidth. Am I going about this the right way? Is their a better way of going about this? Does anyone have any advise as far as do's and don’ts?