New Site Setup - Newbie guide

Posted on 2009-04-24
Last Modified: 2012-05-06
I'm in the process of sending a server to a remote site. I need it to network and authenticate with our servers at HQ. All servers are running Server 2003.

Does anyone have a dummies Sites and Services step by step guide on how this can be done ? Simple language please !!

Also, I need to know how to setup the VPN connection either end with simple routers to allow the servers to talk.

Much appreciated, thank you

Really Awesome site !!
Question by:L-Plate
    LVL 58

    Accepted Solution


    For my smaller clients I use Netgear FVS114 firewalls in their HQ site and in each branch office as the gateway and site-to-site VPN box. The wizards provided by the firewalls enable you to easily and quickly configure a site-to-site VPN between sites. If the FVS114 doesn't have as many VPN connections as you will need, you can always upgrade to a higher grade, such as an FVS338.

    Each site must be on its own subnet for VPN routing to work accordingly. If you work on a subnet mask of (254 hosts per subnet and also known as /24), you could use,, and so on, one for each site. This would give a usable address range of 10.0.x.1 to 10.0.x.254 at each site. The subnets can be made larger or smaller if you wished.

    Active Directory Sites and Services is a doddle to configure. All you need to do is launch the console and create separate Site objects, one for each separate site. You'd then browse to 'Subnets' in the left-pane and create new subnets, one for each subnet you are using. You then link the subnet to the site where it is actually configured. Finally, go to 'Inter-Site Transports > IP' and create a new Site Link to include the two sites. This allows replication to take place.

    You will need to remember that you should ideally configure the server being sent to the remote site as a DC. You can then promote it as a GC and DNS Server, and use it for local authentication in the remote site. If it is a DC, all workstations in the remote site should point to it for their preferred DNS server, and preferably another DC in the HQ as an alternate DNS server.

    I hope this helps you! BTW, I like your member name... 'L-Plate' :-)


    Author Comment

    Thanks for getting back

    Just a few more questions

    Our current Default site has a subnet range of What subnet range could I add to my new site ? Can I use ? Would there be any problems ?

    What about DHCP settings at this new site ? Would pool range need to be ?

    LVL 58

    Expert Comment


    > Our current Default site has a subnet range of What subnet range could I add to my new site ? Can I use ? Would there be any problems ?

    In this instance, would be a valid subnet to use for the other site.

    > What about DHCP settings at this new site ? Would pool range need to be ?

    Yes. A pool range anywhere on the subnet ( through The DNS Server IP should be the local AD DNS Server with 1st preference, IP of the DNS server in the main site as second preference.


    Author Comment

    Thanks again ! Just need to be clear !

    Just finally

    The server is currently at HQ and has been promoted to a DC/DNS and GC. I have created a new container for the remote site in Sites and Services and moved the DC into there.

    However I have not created any subnets yet as I thought it might conflict with the server's current IP settings. Do I go ahead and create a subnet of in there now ?

    Does the server's LAN IP address (10.0.0.x) need to be changed to match the subnet settings of the container (10.0.1.x) while at HQ or do I change this when I take it over to the new site and fire it up ?

    Thanks for being patient
    LVL 58

    Expert Comment


    You can create a new subnet and assign it to the new site object now. Since the DC is explicitly made a member of the site (rather than being dynamically positioned by AD) this will not cause an issue.

    You can either change the IP of the server now or when you start it up at the remote site. Since it is a DC, DNS Server and GC, it will start at the remote site and allow you to log in to make the change. The only case when you have to be careful is if you deploy an RODC or a Member Server without changing the IP; that does cause problems.
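
Added example, not part of the thread or any poster's code: a pre-deployment check of the addressing plan discussed above (one subnet per site, DC address inside its site's subnet, DHCP pool inside the subnet, local DC as preferred DNS). The /24 subnets follow the 10.0.0.x and 10.0.1.x ranges mentioned in the thread; the host addresses, site names and the `check_site_plan` function are constructed for illustration.

```python
import ipaddress

def check_site_plan(sites):
    """Return a list of problems found in a multi-site addressing plan."""
    problems = []
    nets = {name: ipaddress.ip_network(s["subnet"]) for name, s in sites.items()}
    names = sorted(nets)
    # Each site needs its own subnet, or the VPN gateways cannot route between sites.
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                problems.append(f"{a}/{b}: subnets {nets[a]} and {nets[b]} overlap")
    for name in names:
        site, net = sites[name], nets[name]
        dc = ipaddress.ip_address(site["dc_ip"])
        # The DC's address must match the subnet linked to its site object.
        if dc not in net:
            problems.append(f"{name}: DC {dc} is outside {net}")
        lo, hi = (ipaddress.ip_address(x) for x in site["dhcp_pool"])
        # The pool must stay within the usable host range of the site's subnet.
        if not (net.network_address < lo <= hi < net.broadcast_address):
            problems.append(f"{name}: DHCP pool {lo}-{hi} is not inside {net}")
        elif lo <= dc <= hi:
            # Added check (not from the thread): a static DC address inside
            # the dynamic pool can be leased to another host.
            problems.append(f"{name}: DC {dc} sits inside the DHCP pool")
        # Clients should prefer the local DC for DNS, with an HQ DC as alternate.
        if site["dns"][0] != site["dc_ip"]:
            problems.append(f"{name}: preferred DNS {site['dns'][0]} is not the local DC")
    return problems

# Constructed sample plans (host addresses are illustrative).
GOOD_PLAN = {
    "HQ": {"subnet": "10.0.0.0/24", "dc_ip": "10.0.0.10",
           "dhcp_pool": ("10.0.0.100", "10.0.0.200"), "dns": ["10.0.0.10"]},
    "Branch": {"subnet": "10.0.1.0/24", "dc_ip": "10.0.1.10",
               "dhcp_pool": ("10.0.1.100", "10.0.1.200"),
               "dns": ["10.0.1.10", "10.0.0.10"]},
}
# Same plan, but the branch DC still carries its HQ address.
STALE_IP_PLAN = {
    "HQ": GOOD_PLAN["HQ"],
    "Branch": dict(GOOD_PLAN["Branch"], dc_ip="10.0.0.20",
                   dns=["10.0.0.20", "10.0.0.10"]),
}

if __name__ == "__main__":
    for label, plan in (("good", GOOD_PLAN), ("stale DC IP", STALE_IP_PLAN)):
        print(label, "->", check_site_plan(plan) or "no problems")
```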

