active directory replication over NAT
Posted by Surya W. Isjwara on December 12th, 2003


Dear all,

I want to ask how to make Active Directory replication work over NAT.

I will explain the conditions of the case:

We have one headquarters and three branches, each of which is connected through PSTN dial-up. Each branch has only one dial-up link. In each branch we use a router to dial up and use NAT. This network design is fixed and can't be changed anymore. Headquarters and the branches each have Windows 2000/Windows Server 2003 domain controllers that replicate between the branch DCs and the headquarters DC.

Now, as we know, if we use NAT, the headquarters servers can't recognize the branch servers' IPs because of NAT. Headquarters can recognize only the branches' public IPs, not the branches' private IPs. But it's not vice versa: the branch DCs can recognize the headquarters DC. So when we check the replication, an error will occur.

Do you have any suggestions on how to solve this issue?

thanks

warm regards
Surya W. Isjwara
Astragraphia

Posted by Jimmy Andersson [MVP] on December 12th, 2003


AD Replication over Firewalls by Steve Riley,
Consultant at Microsoft Telecommunications Practice.
http://www.microsoft.com/SERVICEPROV...sec_p63623.asp

HOW TO: Configure a NAT Server in Windows Server 2003
http://support.microsoft.com/default...uct=winsvr2003

Regards,
/Jimmy
--
Jimmy Andersson, Q Advice AB
Microsoft MVP - Active Directory
---------- www.qadvice.com ----------




Posted by Surya W. Isjwara on December 17th, 2003


Dear Sir,

Thank you for the response, but unfortunately the article you gave me is not applicable. In my opinion, NAT and a firewall are different. Also, I do not use Windows 2000 RRAS for NAT; instead I use a router for NAT.

I have read some Microsoft recommendations saying that Microsoft doesn't recommend replication through NAT. But that doesn't solve the problem, because some companies may still consider using dial-up with NAT for communication cost reasons.

So could anyone help me with how to make Active Directory replication work over NAT under the conditions I have described before?

thanks

warm regards
Surya W. Isjwara
