Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.
Course Of The Month
8 days, 1 hour left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
DC in the "Cloud"
Posted on 2012-12-20
Hello;
My company is currently putting together a disaster recovery plan, and along with it comes the infrastructure.
We have created a DC on WIN2K8 R2, and it is hosted out in the cloud. We are wondering the best way to configure this for a failover scenario.
One scenario in particular, as you may have already guess, is our Pri and Secondary DCs fail in house, and we want to failover to the one out in the cloud...
Or, here is another, more disastrous scenario: Our building is destroyed, and we need to be able to work from home, or a new office, and authenticate to our DC that is in the cloud. I am guessing we would want VPN for this...
That means we would need NPS...
I also read that running a DC and VPN server on same box is not a good idea, from a security standpoint... is this true/accurate? Why?
My company is currently putting together a disaster recovery plan, and along with it comes the infrastructure.
We have created a DC on WIN2K8 R2, and it is hosted out in the cloud. We are wondering the best way to configure this for a failover scenario.
One scenario in particular, as you may have already guess, is our Pri and Secondary DCs fail in house, and we want to failover to the one out in the cloud...
Or, here is another, more disastrous scenario: Our building is destroyed, and we need to be able to work from home, or a new office, and authenticate to our DC that is in the cloud. I am guessing we would want VPN for this...
That means we would need NPS...
I also read that running a DC and VPN server on same box is not a good idea, from a security standpoint... is this true/accurate? Why?
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
-
4
6 Comments
your scenario is interesting but i would do it in a different way
i would pay for a reliable backup system and would upload image to the cloud.
So that i could download the last image created and deploy it to the machine
the other solution is Windows Azure Virtual Network
http://www.windowsazure.com/en-us/manage/services/networking/replica-domain-controller/
i think it would solve your problem
i would pay for a reliable backup system and would upload image to the cloud.
So that i could download the last image created and deploy it to the machine
the other solution is Windows Azure Virtual Network
http://www.windowsazure.com/en-us/manage/services/networking/replica-domain-controller/
i think it would solve your problem
Well, we already have a DC hosted in the cloud, it is part of our "reliable" backup system. If our building were to be destroyed our ultimate goal is to allow our users to VPN from home, and use the DC in the cloud for authentication.
I have been screwing around with a PPTP VPN server (Win2k8) but cannot for the life of me get my Cisco router to forward GRE port 47, even though the NAT rule is verified and configured right.
Have any experience with this?
I have been screwing around with a PPTP VPN server (Win2k8) but cannot for the life of me get my Cisco router to forward GRE port 47, even though the NAT rule is verified and configured right.
Have any experience with this?
Active 1 day ago
You mention NAT rules are setup ok - what about firewall? Need that port opened as well to allow the VPN to work...
How did you 'verify' that its configured right?
How did you 'verify' that its configured right?
Hi guys, once I got rid of the Cisco router (was using PAT) everything worked. The cisco device was not using any firewall or ACL rules, just NAT. The environment I am in is a test environment, so I just put my VPN server one one VLAN and the client on the other and of course everything works. Now that I have this working I can test the other things I need to before I do this for real. The actual VPN server will be in the cloud, hosted by someone (not sure who, my boss knows) the NAT will be really simple. I am now looking into getting IPSEC instead of PPTP - this looks tricky.
Your comment prompted me to just get rid of the old cisco router, as I suspected it was interfering with GRE to begin with ( I just KNOW I had the ports forwarded right...)
I had also read elsewhere that too many switches and devices between the VPN server and client causes issues too, so that is another reason I ditched the cisco, on less "hop"
I had also read elsewhere that too many switches and devices between the VPN server and client causes issues too, so that is another reason I ditched the cisco, on less "hop"
Featured Post
Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
Do you know what to look for when considering cloud computing? Should you hire someone or try to do it yourself? I'll be covering these questions and looking at the best options for you and your business.
Internet Business Fax to Email Made Easy -
With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number.
You'll receive secure faxes in your email, fr…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message.
In the To field, type your recipient's fax number @efaxsend.com.
You can even send a secure international fax — just include t…
Suggested Courses
Earn Certification
HTML5 Specialist - Certification
Free withPremium
Course of the Month8 days, 1 hour left to enroll
617 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.