Solved

Is a Domain Controller Required for a ISA Site-2-Site VPN?

Posted on 2006-07-02
3
232 Views
Last Modified: 2013-11-16
I am trying to create a branch office to sustain about a dozen users for several months until they rejoin the main workforce.  I want to minimize the number of servers necessary.  The users need to be able to access resources on the company's domain.  AFAIK the only resource at their site (besides the local desktops) will be one printer.  I have already installed ISA Server 2004 on the remote branch server (link not up yet) and the main office also uses ISA Server 2004, but now I am wondering if I also need to install DNS and/or a Domain Controller.

If they will login to the domain as they power up their computers I guess they will need a local DC, right?  If so, can I make the ISA Server a DC (realizing it is not a good idea from a security standpoint)?  I know I can put DNS on the ISA Server.  I think I can handle the L2TP/IPSec Site-to-Site VPN, but I am not sure about the DC and DNS requirement.

Can someone point me in the right direction?  Is there a good document to which I can refer?

Thanks!

Tom
0
Comment
Question by:tomwsimon
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 125 total points
ID: 17029145
Check out www.isaserver.org for the latest recommendations on ISA back to back/hub and spoke.

also, http://www.msfirewall.org/isa2004kits.htm

This has a copy of the isa2004 guides....
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Suggested Courses

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question