
Replicate active directory Server 2008 R2 on 2 subnets

We have a firewall for the outside, then another firewall internally that will sit between Exchange 2010 on Server 2008 R2 and our internal network. There is a Server 2008 R2 domain controller on the internal network. How can I set up AD to replicate between the two servers? They have separate subnets of 192.168.2.x and 192.168.1.x.
We cannot set up VPN between.

Thoughts?
Asked by: t1llc

perfectpc Commented:
Can you give us some sort of idea how your network is set up? If you have added a machine as a domain controller it should just replicate.

Glenn
 
t1llc (Author) Commented:
Netgear Prosafe Firewall is the router between Internet and Exchange. Between Exchange and Users is another Netgear Prosafe Firewall (same model FVS318 v3). The concern is security and keeping anything public facing isolated. The internal firewall has the WAN connection from a LAN port on the external firewall. Exchange is plugged into the external firewall. 100 Users and the Domain controller are connected to the LAN Ports on the internal firewall.

I have opened ports for LDAP, SMB, DNS, RPC, WINS, NetBIOS and Kerberos. This didn't work.

We have also set up static routes between the two networks but nothing seems
 
perfectpc Commented:
If you're using Exchange 2010, you only put the Edge server on a standard built server. It should not be connected to AD at all as this is a security risk. Please see the website on how it should be set up:
http://araihan.wordpress.com/2009/11/16/exchange-server-2010-edge-transport-role/
 
t1llc (Author) Commented:
I was reading about this as well. We only have 2 boxes. Is it possible to set up Edge on a virtual (Hyper-V) disk and throw it out there using the additional NIC in the Exchange server?
The way I figure is to assign the virtual disk an IP on the main router facing the internet and run a cable from that NIC to that router.
 
perfectpc Commented:
You could do it that way. You don't have to use an Edge server. You could open up the ports to the main server and set up Exchange like you would on an SBS 2008 server. You don't need anything fantastic in the way of a new box unless you're a very large company, so hardware won't cost too much.
