New Site Setup - Newbie guide

I'm in the process of sending a server to a remote site. I need it to network and authenticate with our servers at HQ. All servers are running Server 2003.

Does anyone have a dummies Sites and Services step-by-step guide on how this can be done ? Simple language please !!

Also, I need to know how to set up the VPN connection at either end with simple routers to allow the servers to talk.

Much appreciated, thank you

Really Awesome site !!
L-Plate asked:
tigermatt commented:

For my smaller clients I use Netgear FVS114 firewalls in their HQ site and in each branch office as the gateway and site-to-site VPN box. The wizards provided by the firewalls enable you to easily and quickly configure a site-to-site VPN between sites. If the FVS114 doesn't have as many VPN connections as you will need, you can always upgrade to a higher grade, such as an FVS338.

Each site must be on its own subnet for VPN routing to work accordingly. If you work on a subnet mask of 255.255.255.0 (254 hosts per subnet and also known as /24), you could use 10.0.0.0/24, 10.0.1.0/24, 10.0.2.0/24 and so on, one for each site. This would give a usable address range of 10.0.x.1 to 10.0.x.254 at each site. The subnets can be made larger or smaller if you wish.

Active Directory Sites and Services is a doddle to configure. All you need to do is launch the console and create separate Site objects, one for each separate site. You'd then browse to 'Subnets' in the left-pane and create new subnets, one for each subnet you are using. You then link the subnet to the site where it is actually configured. Finally, go to 'Inter-Site Transports > IP' and create a new Site Link to include the two sites. This allows replication to take place.

You will need to remember that you should ideally configure the server being sent to the remote site as a DC. You can then promote it as a GC and DNS Server, and use it for local authentication in the remote site. If it is a DC, all workstations in the remote site should point to it for their preferred DNS server, and preferably another DC in the HQ as an alternate DNS server.

I hope this helps you! BTW, I like your member name... 'L-Plate' :-)

-Matt
L-Plate (author) commented:
Thanks for getting back

Just a few more questions

Our current Default site has a subnet range of 10.0.0.0/24. What subnet range could I add to my new site ? Can I use 10.0.1.0/24 ? Would there be any problems ?

What about DHCP settings at this new site ? Would pool range need to be 10.0.1.0 ?

thanks
 
tigermatt commented:

> Our current Default site has a subnet range of 10.0.0.0/24. What subnet range could I add to my new site ? Can I use 10.0.1.0/24 ? Would there be any problems ?

In this instance, 10.0.1.0/24 would be a valid subnet to use for the other site.

> What about DHCP settings at this new site ? Would pool range need to be 10.0.1.0 ?

Yes. A pool range anywhere on the 10.0.1.0/24 subnet (10.0.1.1 through 10.0.1.254). The DNS Server IP should be the local AD DNS Server as first preference, with the IP of the DNS server in the main site as second preference.

-Matt
L-Plate (author) commented:
Thanks again ! Just need to be clear !

Just finally

The server is currently at HQ and has been promoted to a DC/DNS and GC. I have created a new container for the remote site in Sites and Services and moved the DC into there.

However I have not created any subnets yet as I thought it might conflict with the server's current IP settings. Do I go ahead and create a subnet of 10.0.1.0/24 in there now ?

Does the server's LAN IP address (10.0.0.x) need to be changed to match the subnet settings of the container (10.0.1.x) while at HQ or do I change this when I take it over to the new site and fire it up ?

Thanks for being patient
tigermatt commented:

You can create a new 10.0.1.0/24 subnet and assign it to the new site object now. Since the DC is explicitly made a member of the site (rather than being dynamically positioned by AD) this will not cause an issue.

You can either change the IP of the server now or when you start it up at the remote site. Since it is a DC, DNS Server and GC, it will start at the remote site and allow you to log in to make the change. The only case when you have to be careful is if you deploy an RODC or a Member Server without changing the IP; that does cause problems.

-Matt
Question has a verified solution.
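
The addressing plan discussed in this thread can be checked before the server ships. The following is an added example, not part of any post above: it validates that site subnets do not overlap, that each DHCP pool sits in the usable range of its subnet, and that clients prefer the local DNS server, then maps an address to a site by most specific subnet. Site names, pool bounds and DNS server addresses are assumptions.

```python
import ipaddress

# Constructed plan mirroring the thread: HQ keeps 10.0.0.0/24, the branch gets 10.0.1.0/24.
# Site names, DHCP pool bounds and DNS server addresses are assumptions for illustration.
PLAN = {
    "HQ": {"subnet": "10.0.0.0/24", "pool": ("10.0.0.50", "10.0.0.200"),
           "dns": ["10.0.0.10"], "local_dns": "10.0.0.10"},
    "Branch": {"subnet": "10.0.1.0/24", "pool": ("10.0.1.50", "10.0.1.200"),
               "dns": ["10.0.1.10", "10.0.0.10"], "local_dns": "10.0.1.10"},
}

def validate_plan(plan):
    """Return a list of problems; an empty list means the plan is consistent."""
    problems = []
    nets = {name: ipaddress.ip_network(s["subnet"]) for name, s in plan.items()}
    names = sorted(nets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                problems.append(f"{a} and {b} subnets overlap: VPN routing is ambiguous")
    for name, site in plan.items():
        net = nets[name]
        first, last = (ipaddress.ip_address(x) for x in site["pool"])
        # Usable hosts exclude the network and broadcast addresses.
        low, high = net.network_address + 1, net.broadcast_address - 1
        if not (low <= first <= last <= high):
            problems.append(f"{name} DHCP pool is outside the usable range of {net}")
        if ipaddress.ip_address(site["local_dns"]) not in net:
            problems.append(f"{name} local DNS server is not on {net}")
        if site["dns"][0] != site["local_dns"]:
            problems.append(f"{name} clients should prefer the local DNS server first")
    return problems

def site_for(ip, plan):
    """Map an address to a site by the most specific matching subnet."""
    addr = ipaddress.ip_address(ip)
    hits = [(ipaddress.ip_network(s["subnet"]), n) for n, s in plan.items()
            if addr in ipaddress.ip_network(s["subnet"])]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

if __name__ == "__main__":
    print(validate_plan(PLAN) or "plan OK")
    print(site_for("10.0.1.77", PLAN))  # workstation at the remote site
    print(site_for("10.0.0.5", PLAN))   # DC still carrying its HQ address
```

A DC that still has a 10.0.0.x address maps to HQ by subnet, which is why the last answer points out that the DC was placed in the new site explicitly.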
