• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1173
  • Last Modified:

How to replicate between 2 Windows 2003 Servers over PPTP VPN

I have 2 Windows 2003 servers at 2 different offices which are 3 miles apart.  The users for these offices rotate on a weekly basis.  I want to setup AD replication between the 2 servers via internet connection so that logon passwords and permissions will be the same at each office.    Currently, if there are user changes, I have to remote in to each site to make changes which sometimes is time consuming.

I have file sharing setup using an open source VPN called OpenVPN between the sites and this works ok.
However, I'd like to replicate the AD between both offices via OpenVPN or Microsoft VPN (PPTP or L2TP).  Both offices use DSL with static IP.   NAT is applied at a Dlink Wireless Router/Firewall at each site.

I know I have to set up 2 sites in AD for each office on each Server, however, because I want to do the replication over VPN, I'm not sure of how to setup the DNS or routing.   Any help would be appreciated.

0
jcrdsl77
Asked:
jcrdsl77
1 Solution
 
dan_blagutCommented:
Hi
I made a thing like that in the past but a little bit different:
I used 1 domain with 2 DC, one in each site, and 2 sites 1 for each phisical site.
For each phisical site one IP network (10.x.x.x and 192.168.x.x)
I made the connection using VPN routers Linksys (BFV series)
External hosted DNS for external name and internal Windows 2000 DNS for internal network and AD.
I chosed hardware for tunneling because the software ISA VPN tunnel was unstable, but this solution is very easy scalable (now we have 3 tunnels and is place for 47 more)
 So after the VPN tunnel is establish you need just verify that your servers sees each other and made the changes in your AD infrastructure for defining the sites. Be carefull with the IP addressing, but if you use two clases is OK and you can't make mistake.
 Good luck

Dan
0
 
jcrdsl77Author Commented:
Thanks for the reply.  The client I was working with is going thru a lot of financial problems and wasn't able to revisit this for a while.  And, a hardware solution is
not affordable for them at this point.

For each Physical site I have 2 seperate classes.  There are DNS entries at each Domain Controller for the other site.   They are joined via the internet over an OpenVPN link.  The VPN address for one site is:  10.8.0.1 and the VPN address for the other is 10.8.0.2.  The site classes are different from these addresses also.

Both sites can ping each other, both with ip addresses and by hostname.  Also,
I can map drives and copy files, etc.....   The time difference between both Domain controllers is only a few seconds off.   However, replication doesn't take place.

0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now