How do I connect Active Directory Servers in separate physical locations


Mike A.

I have two AD servers in the same domain but they are in two different
locations. The locations are not connected via VPN. The only secure
connection that we have between the two is an S-Tunnel connection with
limited ports available.

Is it possible to do Intersite Replication through an S-Tunnel connection?
Do I need to have them connected using a traditional VPN?

I have read most everything that I could but all the info seems to assume
that either the servers are in the same physical location or that you are
connected via VPN.

Any help would be greatly appreciated.
 
I don't think that S-Tunnel will work. Active Directory replication
requires that several ports be open and available.


+=================+=============+===============================+
| Client Port(s)  | Server Port | Service                       |
+=================+=============+===============================+
| 1024-65535/TCP  | 135/TCP     | RPC *                         |
+=================+=============+===============================+
| 137/UDP         | 137/UDP     | NetBIOS Name                  |
+=================+=============+===============================+
| 138/UDP         | 138/UDP     | NetBIOS Netlogon and Browsing |
+=================+=============+===============================+
| 1024-65535/TCP  | 139/TCP     | NetBIOS Session               |
+=================+=============+===============================+
| 1024-65535/TCP  | 42/TCP      | WINS Replication              |
+=================+=============+===============================+


+========================+=============+=========================+
| Client Port(s)         | Server Port | Service                 |
+========================+=============+=========================+
| 1024-65535/TCP/UDP     | 389/TCP/UDP | LDAP                    |
+========================+=============+=========================+
| 1024-65535/TCP         | 636/TCP     | LDAP SSL                |
+========================+=============+=========================+
| 1024-65535/TCP         | 3268/TCP    | LDAP GC                 |
+========================+=============+=========================+
| 1024-65535/TCP         | 3269/TCP    | LDAP GC SSL             |
+========================+=============+=========================+
| 53,1024-65535/TCP/UDP  | 53/TCP/UDP  | DNS                     |
+========================+=============+=========================+
| 1024-65535/TCP/UDP     | 88/TCP/UDP  | Kerberos                |
+========================+=============+=========================+
| 1024-65535/TCP         | 445/TCP     | SMB                     |
+========================+=============+=========================+

179442 How to Configure a Firewall for Domains and Trusts
http://support.microsoft.com/?id=179442

Tom Ausburne (MSFT)
Windows 2000 Directory Services
This posting is provided "AS IS" with no warranties, and confers no
rights.
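
A reachability check for the server ports listed in the tables above, meant to be run on one domain controller against the other. It is an added example, not part of the original posts. The host name `dc2.example.internal` and the function `Test-TcpPort` are assumptions, and entries that need UDP are only flagged because a TCP connect cannot test them.

```powershell
# Added example: TCP reachability check for the server ports in the tables above.
$Target    = 'dc2.example.internal'   # hypothetical name of the remote domain controller
$TimeoutMs = 2000

# Server ports and services copied from the tables in the post.
$Ports = @(
    @{ Port = 135;  Proto = 'TCP';     Service = 'RPC' }
    @{ Port = 137;  Proto = 'UDP';     Service = 'NetBIOS Name' }
    @{ Port = 138;  Proto = 'UDP';     Service = 'NetBIOS Netlogon and Browsing' }
    @{ Port = 139;  Proto = 'TCP';     Service = 'NetBIOS Session' }
    @{ Port = 42;   Proto = 'TCP';     Service = 'WINS Replication' }
    @{ Port = 389;  Proto = 'TCP/UDP'; Service = 'LDAP' }
    @{ Port = 636;  Proto = 'TCP';     Service = 'LDAP SSL' }
    @{ Port = 3268; Proto = 'TCP';     Service = 'LDAP GC' }
    @{ Port = 3269; Proto = 'TCP';     Service = 'LDAP GC SSL' }
    @{ Port = 53;   Proto = 'TCP/UDP'; Service = 'DNS' }
    @{ Port = 88;   Proto = 'TCP/UDP'; Service = 'Kerberos' }
    @{ Port = 445;  Proto = 'TCP';     Service = 'SMB' }
)

function Test-TcpPort {
    param([string]$ComputerName, [int]$Port, [int]$TimeoutMs)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $pending = $client.BeginConnect($ComputerName, $Port, $null, $null)
        if (-not $pending.AsyncWaitHandle.WaitOne($TimeoutMs)) { return $false }  # timed out
        $client.EndConnect($pending)   # throws if the connection was refused
        return $true
    } catch {
        return $false                  # refused, unreachable, or name not resolved
    } finally {
        $client.Close()
    }
}

$Ports | ForEach-Object {
    # Only entries that include TCP can be probed with a TCP connect.
    $tcp = if ($_.Proto -like '*TCP*') { Test-TcpPort $Target $_.Port $TimeoutMs } else { 'n/a' }
    [pscustomobject]@{
        Service  = $_.Service
        Port     = $_.Port
        Proto    = $_.Proto
        TcpOpen  = $tcp
        NeedsUdp = $_.Proto -like '*UDP*'
    }
} | Format-Table -AutoSize
```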
 