Domain Migration over VPN or WAN: What to do?

D

Dennis Capulong

Hi guys,

I have a Windows Server 2003 machine which I would like to join to our main office's domain...
The machine I am trying to migrate is connected inside our private network. In the IP setting of the machine, I pinpointed the Preferred DNS server to our main office's DNS servers. I can ping the IP address of our main office's DNS but I cannot ping it using its full computer name... Using NSLOOKUP also request timed out.. Of course I cannot perform dcpromo in that manner...
Any help guys? Thanks.

Regards,
Dennis
 
P

Paul Bergson

If there is a firewall between the two then ports need to be opened to allow
communications to occur between this server and other services.

See:
http://www.microsoft.com/technet/pr.../activedirectory/deploy/confeat/adrepfir.mspx

--


Paul Bergson MCT, MCSE, MCSA, CNE, CNA, CCA

This posting is provided "AS IS" with no warranties, and confers no rights.


Hi guys,

I have a Windows Server 2003 machine which I would like to join to our main
office's domain...
The machine I am trying to migrate is connected inside our private network.
In the IP setting of the machine, I pinpointed the Preferred DNS server to
our main office's DNS servers. I can ping the IP address of our main
office's DNS but I cannot ping it using its full computer name... Using
NSLOOKUP also request timed out.. Of course I cannot perform dcpromo in that
manner...
Any help guys? Thanks.

Regards,
Dennis
 
C

Cary Shultz [A.D. MVP]

Dennis,

Typically you would set up a Site-to-Site VPN ( read: firewall to firewall ). I have never had any problems doing this....

--
Cary W. Shultz
Roanoke, VA 24012
Microsoft Active Directory MVP

http://www.activedirectory-win2000.com
http://www.grouppolicy-win2000.com



Hi guys,

I have a Windows Server 2003 machine which I would like to join to our main office's domain...
The machine I am trying to migrate is connected inside our private network. In the IP setting of the machine, I pinpointed the Preferred DNS server to our main office's DNS servers. I can ping the IP address of our main office's DNS but I cannot ping it using its full computer name... Using NSLOOKUP also request timed out.. Of course I cannot perform dcpromo in that manner...
Any help guys? Thanks.

Regards,
Dennis
 
D

Dennis Capulong

Thanks Cary.

Regards,
Dennis
Dennis,

Typically you would set up a Site-to-Site VPN ( read: firewall to firewall ). I have never had any problems doing this....

--
Cary W. Shultz
Roanoke, VA 24012
Microsoft Active Directory MVP

http://www.activedirectory-win2000.com
http://www.grouppolicy-win2000.com



Hi guys,

I have a Windows Server 2003 machine which I would like to join to our main office's domain...
The machine I am trying to migrate is connected inside our private network. In the IP setting of the machine, I pinpointed the Preferred DNS server to our main office's DNS servers. I can ping the IP address of our main office's DNS but I cannot ping it using its full computer name... Using NSLOOKUP also request timed out.. Of course I cannot perform dcpromo in that manner...
Any help guys? Thanks.

Regards,
Dennis
 
G

Guest

Can you set me in the right direction as far as how to set up a Site-to-Site
VPN? Do I need additional software (i.e. ISA server) or is configuring IPSec
for all communications between DC considered a Site-to-Site VPN?
 
C

Cary Shultz [A.D. MVP]

Oli,

I usually do this on the Firewall. So, you would have, for example, a
SonicWall Firewall in the Headquarters and you would have a Sonic Wall
Firewall in all of the 'remote' sites. Typically, at least in the
environments that I do, you would create a VPN from HQ-Site1 and a VPN from
HQ-Site2 and a VPN from HQ to Site3 etc. It is all done of the Firewall.
Your Firewall may not support VPNs out of the box and that may require you
to purchase additional 'goodies' from the manufacturer of your Firewall.

Does this help?

--
Cary W. Shultz
Roanoke, VA 24012
Microsoft Active Directory MVP

http://www.activedirectory-win2000.com
http://www.grouppolicy-win2000.com
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

resolving DNS: domain migration over VPN... 1
Domain Controllers Can't reach Default Gateway... 24
Child Domain 1
Problem Adding 2nd DC to domain 4
Can't Send Net Messages Over WAN 4
DNS Site -to- Site VPN - WAN 0
HELP with Child Domain 1
Cannot join another domain controller 1

Top