Configuring AD between two Remote sites with NAT on both sides

need2know

I've been tasked with setting up a remote site which is configured as a
child domain (remote.hq.site.com) in our forest (hq.site.com). We have a T1
link between us but no site-to-site VPN to allow our private subnets to talk
to one another. At our site, we have both external and internal addresses. At
the remote site all systems have internal addresses and some systems map to
external addresses. There is a Cisco PIX on both sides but we do not have a
VPN concentrator at the remote office.

As a result I am having issues with DNS between the sites because of
communication errors. Is it possible to configure Windows 2003 DCs as VPN
endpoints so that we can have IP traffic route properly between us?

Can anyone point me to documentation for configuring AD between two remote
subnets that are being NAT'ed?

Thanks
 
Since you have Cisco PIX, I would set up Cisco site-to-site VPN.

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
 
Thanks Bob,

I talked to a network guy today and he said that would not be a problem. I
was under the impression we need the VPN Concentrator, but all is good.