Active Directory Replication

[Guest]

I have several Domain controller in which everything was working fine
including replication, etc. Since than I have changed IP address of one of my
DC's (DC1) and moved it behind a firewall. However, we have configured the
firewall so that DC1 is able to talk to DC2 (DC1's replication partner). When
we add a user to DC2 the change shows up on DC1. However when we make a
change (add user) to DC1 it does not show up on DC2 or any of our other DC's.

I like to know what is the missing part here. Because I can ping and connect
to DC2 from my DC1 server. Any help is appreciated.

 

[Ozone]

You may want to verify that you have the direction on the firewall rule to
be ANY. The rule may be set to inbound and not outbound.

HTH
Ozone

 

[Guest]

Firewall is open both ways.... I can get to the DC2 from DC1 without any
problems. I can see users and computers and other things for DC2 from DC1,
however replication doesn't work from DC1 to DC2. It works fine from DC2 to
DC1. So just wondering what else am I missing.

thanks,

Jay

 

[Ozone]

One thing that we could do is get a Netmon trace, and I can take a look at
it. In the trace, I should be able to see the replication traffic. Also,
there are some other tools that we can use, but we already know it is not
working... Here are some KB's that may help:
179442 How to configure a firewall for domains and trusts
http://support.microsoft.com/?id=179442
224196 Restricting Active Directory replication traffic to a specific port
http://support.microsoft.com/?id=224196
272294 Active Directory communication fails on multihomed domain controllers
http://support.microsoft.com/?id=272294
814821 Active Directory Replication and Knowledge Consistency Checker Fail
with
http://support.microsoft.com/?id=814821
830077 Replication errors occur when you use Active Directory Replication
http://support.microsoft.com/?id=830077

If you need help setting up the Netmon let me know...

Ozone