Configuring AD between to Remote sites with NAT on both sides

N

need2know

I've been tasked with setting up a remote site which is configured as a
child domain (remote.hq.site.com) in our forest (hq.site.com). We have a T1
link between us but no site-to-site vpn to allow our private subnets to talk
to one another. At our site, we have both external and internal addreses. At
the remote site all systems have internal addresses and some systems map to
external addreses. There is a Cisco Pix on both sides but we do not have a
VPN concentrator at the remote office.

As a result I am having issues with DNS between the sites because of
communication errors. Is it possible to configure Windows 2003 DC's as vpn
endpoints so that we can hve IP traffic route properly between us?

Can anyone point me to documentation for configurin AD between to remote
subnets that are being NAT'ed?

Thanks
 
R

Robert L [MS-MVP]

Since you have Cisco PIX, I would setup Cisco site to site VPN.

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
I've been tasked with setting up a remote site which is configured as a
child domain (remote.hq.site.com) in our forest (hq.site.com). We have a T1
link between us but no site-to-site vpn to allow our private subnets to talk
to one another. At our site, we have both external and internal addreses. At
the remote site all systems have internal addresses and some systems map to
external addreses. There is a Cisco Pix on both sides but we do not have a
VPN concentrator at the remote office.

As a result I am having issues with DNS between the sites because of
communication errors. Is it possible to configure Windows 2003 DC's as vpn
endpoints so that we can hve IP traffic route properly between us?

Can anyone point me to documentation for configurin AD between to remote
subnets that are being NAT'ed?

Thanks
 
N

need2know

Thanks Bob,

I talked to a network guy today and he said that would not be a problem. I
was under the impression we need the VPN Concentrator, but all is good.
-----------------
Since you have Cisco PIX, I would setup Cisco site to site VPN.

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on
http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on
http://www.HowToNetworking.com
I've been tasked with setting up a remote site which is configured as a
child domain (remote.hq.site.com) in our forest (hq.site.com). We have a T1
link between us but no site-to-site vpn to allow our private subnets to talk
to one another. At our site, we have both external and internal addreses. At
the remote site all systems have internal addresses and some systems map to
external addreses. There is a Cisco Pix on both sides but we do not have a
VPN concentrator at the remote office.

As a result I am having issues with DNS between the sites because of
communication errors. Is it possible to configure Windows 2003 DC's as vpn
endpoints so that we can hve IP traffic route properly between us?

Can anyone point me to documentation for configurin AD between to remote
subnets that are being NAT'ed?

Thanks
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Routing and Remote access 1
Question - Remote sites without servers over vpn 3
Routing to external networks 1
AD Replication Through NAT Firwalls 1
AD site to site replication 2
Domain controller in remote site 3
need help on how to setup VPN connection 1
Web browsing over WAN 3

Top