DNS configuration advice needed please...

  • Thread starter Thread starter Curtis Fray
  • Start date Start date
C

Curtis Fray

Hi,

I currently have a Windows 2003 domain called Domain1. We are to take on
another site that I'd like to intergrate into Domain1.

The main part I'm trying to work out how to do is with regards to DNS. I'll
try to explain it as clearly as I can without confusing myself or others!

Domain1 is on an internal 192.168.x.x range.
We have a few of the servers NATed to a firewall with external IPs.
Our DNS servers only have the internal ranges registered.
The second site we're taking on will need to contact our Domain1 servers via
their NATed external IPs and won't have access to the internal ranges.
If this other site becomes part of domain1 and our DNS server replicates
with their site, they will only have DNS records for the internal ranges of
our servers, which will be unreachable from their site.

Question - how can I set up DNS at the second site so it has the external
ranges of the servers it needs to access, while replicating the entries for
the computers at the second site back to our DNS servers.

I hope this makes sense. If anything needs to be clarified please let me
know.

Thanks,

Curtis.
 
Curtis Fray said:
Hi,

I currently have a Windows 2003 domain called Domain1. We are to take
on another site that I'd like to intergrate into Domain1.

The main part I'm trying to work out how to do is with regards to
DNS. I'll try to explain it as clearly as I can without confusing
myself or others!

Domain1 is on an internal 192.168.x.x range.
We have a few of the servers NATed to a firewall with external IPs.
Our DNS servers only have the internal ranges registered.
The second site we're taking on will need to contact our Domain1
servers via their NATed external IPs and won't have access to the
internal ranges.
If this other site becomes part of domain1 and our DNS server
replicates with their site, they will only have DNS records for the
internal ranges of our servers, which will be unreachable from their
site.

Question - how can I set up DNS at the second site so it has the
external ranges of the servers it needs to access, while replicating
the entries for the computers at the second site back to our DNS
servers.

I hope this makes sense. If anything needs to be clarified please let
me know.
Click to expand...

I hear what you are trying to do, but I suggest you use a VPN link between
the sites so you don't have a firewall to go through. Otherwise, you'll have
to make swiss cheese out of your firewall so that AD communication and
replication can take place.
Q179442 - How to Configure a Firewall for Domains and Trusts:
http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q179442&ID=KB;EN-US;Q179442&FR=1
 
Thanks for your advice, Kevin. After spending the last 24hrs researching
this I agree with your recommendation. It looks fairly straight to implement
and will do exactly what we need it to do.

Thanks again.

Regards,

Curtis.
 
Back
Top