hamblin-d
asked on
Setting Up a Trust Between External Domains, IP Forwarding
We recently merged our company with 2 of our sister companies. At this time, we are looking to establist a trust between our company domain and one of the two sister companies (located in a different state) so users at one site can access resouces (files) at the other.
We would set up a VPN between our networks to provide the connectivity. Once thats in place, I understand how to setup the trust between the two domains. My question that I am unclear on, is once the trust is in place I understand we need to setup each of our DNS servers to have the others entries.
In reading it appears we would setup a forworder on each of our DNS servers pointing to each others.
Coming in through a VPN, do each of us need to be concerned with what the others internal IP scheme is? If internally both companies use 172.16.X.X as their IP scheme, can computers at one site have the same IP on their ntwork as a computer on the other domain, and can DNS etc keep it straight.
I am also seeking some documentation from our firewall vendor to better under stand how the IP scheme would work through a VPN.
Have never worked with a domain trust, so pardon the questions.
We would set up a VPN between our networks to provide the connectivity. Once thats in place, I understand how to setup the trust between the two domains. My question that I am unclear on, is once the trust is in place I understand we need to setup each of our DNS servers to have the others entries.
In reading it appears we would setup a forworder on each of our DNS servers pointing to each others.
Coming in through a VPN, do each of us need to be concerned with what the others internal IP scheme is? If internally both companies use 172.16.X.X as their IP scheme, can computers at one site have the same IP on their ntwork as a computer on the other domain, and can DNS etc keep it straight.
I am also seeking some documentation from our firewall vendor to better under stand how the IP scheme would work through a VPN.
Have never worked with a domain trust, so pardon the questions.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You could utilize a dedicated WAN link between sites, but those are generally very expensive and would run into the exact same problems with two sites on the same IP scheme.
ASKER
Yes, it turns out both sites use overlapping IP schemes. One of the two would need to change. Not sure we'd want to pursue a WAN link due to expense and long term goal of eventually creating a new single domain.
Thanks!
Thanks!
ASKER
Again pardon my ignorance, but is there a better way to connect the two networks than a VPN between our two firealls? Would it get us around any possible IP conflicts?
Very much open to suggestions here.