?
Solved

New Site Setup - Newbie guide

Posted on 2009-04-24
6
Medium Priority
?
289 Views
Last Modified: 2012-05-06
I'm in the process of sending a server to a remote site. I need it to network and authenticate with our servers at HQ. All servers are running Server 2003.

Does anyone have a dummies Sites and Services step by step guide on how this can be done ? Simple language please !!

Also, I need to know how to setup the VPN connection either end with simple routers to allow the servers to talk.

Much appreciated, thank you

Really Awesome site !!
0
Comment
Question by:L-Plate
  • 3
  • 2
5 Comments
 
LVL 58

Accepted Solution

by:
tigermatt earned 2000 total points
ID: 24231967

For my smaller clients I use Netgear FVS114 firewalls in their HQ site and in each branch office as the gateway and site-to-site VPN box. The wizards provided by the firewalls enable you to easily and quickly configure a site-to-site VPN between sites. If the FVS114 doesn't have as many VPN connection as you will need, you can always upgrade to a higher grade, such as an FVS338.

Each site must be on its own subnet for VPN routing to work accordingly. If you work on a subnet mask of 255.255.255.0 (254 hosts per subnet and also known as /24), you could use 10.0.0.0/24, 10.0.1.0/24, 10.0.2.0/24 and so on, one for each site. This would give a usable address range of 10.0.x.1 to 10.0.x.254 at each site. The subnets can be made larger or smaller if you wished.

Active Directory Sites and Services is a doddle to configure. All you need to do is launch the console and create separate Site objects, one for each separate site. You'd then browse to 'Subnets' in the left-pane and create new subnets, one for each subnet you are using. You then link the subnet to the site where it is actually configured. Finally, go to 'Inter-Site Transports > IP' and create a new Site Link to include the two sites. This allows replication to take place.

You will need to remember that you should ideally configure the server being sent to the remote site as a DC. You can then promote it as a GC and DNS Server, and use it for local authentication in the remote site. If it is a DC, all workstations in the remote site should point to it for their preferred DNS server, and preferably another DC in the HQ as an alternate DNS server.

I hope this helps you! BTW, I like your member name... 'L-Plate' :-)

-Matt
0
 

Author Comment

by:L-Plate
ID: 24240084
Thanks for getting back

Just a few more questions

Our current Default site has a subnet range of 10.0.0.0/24. What subnet range could I add to my new site ? Can I use 10.0.1.0/24 ? Would there be any problems ?

What about DHCP settings at this new site ? Would pool range need to be 10.0.1.0 ?

thanks
 
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 24272518

> Our current Default site has a subnet range of 10.0.0.0/24. What subnet range could I add to my new site ? Can I use 10.0.1.0/24 ? Would there be any problems ?

In this instance, 10.0.1.0/24 would be a valid subnet to use for the other site.

> What about DHCP settings at this new site ? Would pool range need to be 10.0.1.0 ?

Yes. A pool range anywhere on the 10.0.1.0/24 subnet (10.0.1.1 through 10.0.1.254). The DNS Server IP should be the local AD DNS Server with 1st preference, IP of the DNS server in the main site as second preference.

-Matt
0
 

Author Comment

by:L-Plate
ID: 24279474
Thanks again ! Just need to be clear !

Just finally

The server is currently at HQ and has been promoted to a DC/DNS and GC. I have created a new container for the remote site in Sites and Services and moved the DC into there.

However I have not created any subnets yet as I thort it might conflict with the servers current IP settings. Do I go ahead and create a subnet of 10.0.1.0/24 in there now ?

Does the servers LAN IP address (10.0.0.x) need to be changed to match the subnet settings of the container (10.0.1.x) while at HQ or do I change this when I take it over to the new site and fire it up ?

Thanks for being patient
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 24280807

You can create a new 10.0.1.0/24 subnet and assign it to the new site object now. Since the DC is explicitly made a member of the site (rather than being dynamically positioned by AD) this will not cause an issue.

You can either change the IP of the server now or when you start it up at the remote site. Since it is a DC, DNS Server and GC, it will start at the remote site and allow you to login to make the change. The only case when you have to be careful is if you deploy an RODC or a Member Server without changing the IP; that does cause problems.

-Matt
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you upgrade from Windows 8 to 8.1 or to Windows 10 or if you are like me you are on the Insider Program you may find yourself with many 450MB recovery partitions.  With a traditional disk that may not be a problem but with relatively smaller SS…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question