Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
B
B
bigazzzz2020-05-24 17:33:48
VPN
bigazzzz, 2020-05-24 17:33:48

How to move a domain controller to a branch?

Hello!
There was a network 192.168.2.1/27 with a domain controller (DC), 4 computers and a router. Soon, DC left for another city with a completely home router, on which it is impossible to do anything intelligible. The task is to organize a network with one DC from a remote and current office.
I see a solution in the form of a VPN, but it is not clear what type of VPN is better to organize. In this case, it is desirable not to change the IP address of the DC.
How to do it right?

ps For those who are especially smart, who do not answer the question, but try to "poke" the author "Are you stupid? 4 computers and AD?" I answer:
1) Initially, there were 10 computers with the possibility of expansion.
2) The activity of the company provides "mandatory server with installed and configured IIS".
3) I am lazy and live 150 km from the branch. Connecting to each computer to make changes is lazy for me and I prefer to operate using GPO

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
P
pindschik, 2020-05-28
@bigazzzz

1) Solve the issue with IPSec on routers between branches. He is definitely needed. It is not expensive. For example, home Keenetik Viva or Giga 2 on the secondary cost 1000-1500 re - and they still know how to IPSec. And not only them.
2) Next, you will have 2 subnets, for example 192.168.2.* and 192.168.8.*, and ping will freely go between them. This is also a must.
3) In general - that's all, in a remote branch - you need to make sure that a domain controller from the main network is registered on all DNS computers (there are 4 of them - it means by hand). It will work, although the reliability will depend on the connection. No connection - nichrome does not work.
3) But it's still better to make a second domain controller. In the "Active Directory - Sites and Services" snap-in, create these 2 subnets and specify their ranges.
4) Make a second domain controller in the second network, at the same time - you can ensure the constant availability of network drives through DFS and replication.
5) In the "Active Directory - Sites and Services" snap-in, pop this second controller into the desired site. Be sure to configure the transport and AD replication period. Specify who and with whom to replicate. Well, it's not difficult.

Similar questions
A
AkZwork2020-06-29 03:02:40
How to forward camera traffic in L2TP on Mikrotik? 1Reply
A
Andrey2016-02-12 14:10:10
How to issue a VPN client Kerio Control IP from the local network? 0Reply
R
Raain2021-10-01 08:50:32
MiktoTik port forwarding to a remote network via l2tp? 1Reply
P
PC-Zzz2016-02-21 05:49:33
How to block ICMP traffic to my VPN server? 2Reply
R
Roc272021-10-06 00:41:51
Why unstable VPN connection between Mikrotik and Keenetik? 0Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question