?
Solved

SBS 2011 Standard server based VPN for inter site AD replication

Posted on 2012-03-20
6
Medium Priority
?
582 Views
Last Modified: 2012-09-24
Hello,

I have a client that currently has 2 sites and is using SBS 2011 on the main site and Windows 2008 std on the second.

I am looking to configure Windows based VPN link(s) between the sites to allow AD replication.

I have currently configured the second site to connect to the Windows SBS 2011 using the VPN wizard on the main office server, and used a VPN client connection on the second site server; but am having communication issues.

I have run repadmin and it shows that the main site is not able to communicate with the second office.

Do I have to create a separate VPN connection from the main site to the second site server to enable 2 way VPN traffic?

Due to project funding restrictions at this time, we are restricted to utilizing a Windows VPN solution; with future plans to migrate the VPN to a hardware based solution.

Many thanks for any assistance and advice
0
Comment
Question by:dwknight
  • 4
  • 2
6 Comments
 
LVL 35

Expert Comment

by:Cris Hanna
ID: 37747797
Is the server at the remote location already a DC?
0
 

Author Comment

by:dwknight
ID: 37761978
Hello,

Yes it is. It was initially set up using the following procedure.

1. Enable VPN access on the main site SBS 2011 server
2. Connect to the main site from the remote site by establishing a VPN connection.
3. Run DC Promo - took a while to update (overnight)
4. Any updates generally take a fair amount of time.

Runing repadmin shows that there has never been any connection. But there are updates occurring.
0
 
LVL 35

Expert Comment

by:Cris Hanna
ID: 37762022
what kind of bandwidth do you have between the two sites?
How close are the two facilities?   Close enough that you can take the remote server to the main office and redo the DCPROMO, verify replication, then take back to remote location and run DCDIAG
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:dwknight
ID: 37799422
Apologies about the late follow up.

Both have an ADSL link 5meg down/ 384 up.

After additional research, the AD is definitely replicating. The error report seems to be the RPC service not being found between the sites. I am thinking that rpc is not configured on the server to use the VPN connection. Pretty much everything else is working after using a few other switches when running repadmin.

At this point,  it is not possible to remove the site DC and bring it back to the main office.

Thanks for the follow up.
0
 

Accepted Solution

by:
dwknight earned 0 total points
ID: 37804355
I have found the source of the rpc replication issue!

Because the site DC is connecting back to the main office via a vpn, DNS has both the site ip address for the server (on the site subnet) and the main office DNS entry for the site DC (on the main office subnet).

After a bit of troubleshooting, it appears that RPC communication from the main office is defaulting to the site ip address for the site DC, not the main office vpn ip address assigned to the site server.

Is there any way to set a preferred ip address for rpc communication?

Thanks for any advice.
0
 

Author Closing Comment

by:dwknight
ID: 38428034
Thanks, the question has been open for a while, but I have not had any further luck - so at this point - I am closing it as finished.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Juniper VPN devices are a popular alternative to using Cisco products. Last year I needed to set up an international site-to-site VPN over the Internet, but the client had high security requirements -- FIPS 140. What and Why of FIPS 140 Federa…
This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Suggested Courses

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question