jeabou
asked on
Need help creating test environment with VMware Workstation.
So I am studying to get my MCSE and am trying to apply some of the concepts I read about. I want to create a test environment using VMware Workstation to create two separate Active Directory forests and establish a forest trust. I have spent a good two days trying to figure this out and numerous headaches later I have to ask for help.
I have one forest using the custom network adapter VMnet2 and the other forest using VMnet3. My question is...how do I establish a connection between them so I can create a trust? I have tried using a RRAS in a separate VM (it had two NICs, one with an IP address from VMnet2 and the other from VMnet3) but for the life of me I cannot figure it out.
I understand this is not a "just click this button" sort of question. I just need some direction to a good resource or any sort of advice as to what I am doing wrong or if I should just pursue a career in the fast food business. ;-)
Thanks in advance for any assistance provided.
ASKER
I am not sure why I would need custom VMnets...I just did it that way. I assumed that since each DC would need a static IP on its own subnet that using a custom VMnet would be the best way to do it.
NAT was meant to be a DHCP server, and once a VM gets an address, it usually keeps it, but you can increase the lease time with the VM Network Editor.
You can also put your host machine behind a small router and use Bridged Networking.
I think (looking at the Network Editor) that you must use one of the two. But I would keep them on the same subnet. You cannot put two SBS machines on the same domain, but I think they can be on the same subnet with different domains.
Introducing different subnets is probably why you are having difficulty. Start with one subnet, make your connection and see if you have any limitations.
... Thinkpads_User
ASKER
The environment I want to have will consist of two forests with separate subnets with DNS and DHCP installed for any client VMs I create in the respective forest.
ASKER
By the way, I am using Windows Server 2003 Enterprise version....not SBS. I am not familiar with SBS at all.
So....the problem I am running into is because I want to have different subnets for each forest?
I am not familiar with Enterprise :) SBS 2003 has Active Directory, but Server 2003 does not appear to have. My clients are small and do not use Enterprise.
Typically, when I have stuff at two different subnets, I connect them with VPN. I don't know if you can do that within VMware. ... Thinkpads_User
This thread has only been alive for two days. The best answer I have to connect two different subnets is via a VPN connection. Should we allow time for others to provide answers?
... Thinkpads_User
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
jeabou,
Another and different approach would be to get a small, inexpensive VPN router (LinkSys/Cisco, for example). Put your host machine on the router and put your first server in Bridged Networking mode (gets an IP from the router). Put your second server in NAT mode or in custom VMnet mode as a NAT device. Now your servers have different subnets and you can connect the second server to the first server using a VPN connection. This will very much emulate the real world scenario you are trying to achieve. ... Thinkpads_User
ASKER
If I use FreeSCO will I need to add the VM of it to both teams? What is the difference between creating a Team for each forest using LAN segments compared to having each forest use the same Custom vmnet adapter for their respective forest?
SOLUTION
ASKER
Thank you for the detailed response...I appreciate it!
I will attempt to create the environment you laid out and will let you know how it goes.
ASKER
I do have one question before I begin though....when I create the VM for FreeSCO do I add it to both teams? I am assuming it needs to have three NICs based on your response and in order for it to have LAN1 and LAN2 it will need to be in both teams....am I correct? Or do I just create one team and add all of the VMs to it and assign the NIC per VM accordingly?
SOLUTION
ASKER CERTIFIED SOLUTION
ASKER
OK, well I have the environment set up but am having trouble using FreeSCO. I am choosing an ethernet router during the setup. Why does eth0 have a field for a gateway address but the other eth adapters do not?
I can ping the IP that FreeSCO is using on each LAN.
I just can't get communication between the subnets working.
This is what I have:
Network = 10.10.0.0
==========================
Forest A - LAN1 = 10.10.10.0
A-DC1 - LAN1 = 10.10.10.1 (DNS, DHCP), 255.255.255.0 (Subnet Mask), 10.10.10.254 (Gateway)
A-Client1 - LAN1 = 10.10.10.x (assigned by DHCP)
==========================
Forest B LAN2 = 10.10.20.0 (Subnet 2)
B-DC1 - LAN2 = 10.10.20.1 (DNS, DHCP), 255.255.255.0 (Subnet Mask), 10.10.20.254 (Gateway)
B-Client2 - LAN2 = 10.10.20.x (assigned by DHCP)
==========================
FreeSCO
LAN1 - 10.10.10.254
LAN2 - 10.10.20.254
eth0.jpg
eth1-AM.jpg
ASKER
OK, so after looking at my post I figured out that eth0 needs to be connected to the physical network. So I added another NIC to FreeSCO and assigned it to use a bridged connection. I re-configured FreeSCO to the following screenshots. I can now get to the internet from the VMs in each LAN but they still cannot communicate with each other.
ETH0-new.jpg
eth1.jpg
eth2.jpg
ASKER
OK, finally got it figured out. Once I realized I could ping by IP address but not by name from each LAN I knew it had to do with name resolution. So, in each forest I configured DNS forwarding and that did it. Thanks for the help!
You're welcome! Glad that you were able to hammer in the final nail in the coffin for your Team setup.
... Thinkpads_User
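
One way to carry out the "DNS forwarding" step the asker describes, as an added example that is not part of the original thread: a cmd.exe script for each domain controller that first confirms routing by IP, then adds a conditional forwarder for the other forest's zone and checks that the DC locator SRV records resolve. The zone names `foresta.test` and `forestb.test` are hypothetical placeholders (the thread never gives the forests' DNS names); the IP addresses are the DC addresses from the asker's post, and using a conditional forwarder rather than a general forwarder is an assumption.

```bat
@echo off
rem Added example, not from the thread. Run in cmd.exe on each forest's DC.
rem dnscmd ships with the Windows Server 2003 Support Tools.
rem ASSUMED: the zone names are hypothetical placeholders. The IPs are the
rem DC addresses from the asker's addressing plan.
rem   On A-DC1 use: REMOTE_ZONE=forestb.test  REMOTE_DNS=10.10.20.1
rem   On B-DC1 use: REMOTE_ZONE=foresta.test  REMOTE_DNS=10.10.10.1
set REMOTE_ZONE=forestb.test
set REMOTE_DNS=10.10.20.1

rem 1. Routing check by IP. If this fails the fault is in the router VM
rem    or the gateway settings, not in DNS.
ping -n 2 %REMOTE_DNS% | find "TTL=" >nul
if errorlevel 1 (
  echo Routing problem: %REMOTE_DNS% is unreachable. Fix the router first.
  exit /b 1
)

rem 2. Conditional forwarder: the local DNS server sends queries for the
rem    other forest's zone to that forest's DNS server.
dnscmd . /ZoneAdd %REMOTE_ZONE% /Forwarder %REMOTE_DNS%

rem 3. Verify through the local DNS server that the SRV records used to
rem    locate the remote forest's domain controllers now resolve.
nslookup -type=SRV _ldap._tcp.dc._msdcs.%REMOTE_ZONE% 127.0.0.1 | find /i "svr hostname" >nul
if errorlevel 1 (
  echo Name resolution for %REMOTE_ZONE% is still failing.
  exit /b 1
)
echo %REMOTE_ZONE% resolves through %REMOTE_DNS%.
```

Both directions are needed before creating the forest trust, so the script is run once on each DC with the values swapped as noted in its comments.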