Can a Read only DC work on VPN between sites?

Kdes

Good Day Everyone

We have a company that is providing hosted servers for us. The tricky part is that we need the servers on our domain. So the one technician suggested that we set up an RODC at their site. But I would please like to know, can an RODC work on a VPN tunnel?

Has anyone done this before? Are there any settings we would need to change on the RWDC and RODC to work with each other, or should it work fine once the VPN tunnel is working?

Thanks in advance.
 
Yes, you can do it. You shouldn't have to change anything on your current DCs except adding a new site with its subnet to Sites and Services for the remote site.

Running it over a VPN is no different than running it over dedicated WAN links.
 
Great thanks for the quick reply.

I read somewhere that the servers cannot be behind any NAT devices and must be a site-to-site VPN tunnel.
Is this true and what do they mean by this?

I guess they're just saying you can't use any public IPs and the local LAN IPs must see each other as if they're on the same network?
 
You cannot use NAT between the servers; they need to be able to see each other as if they were on the same network. You'll have different subnets on each side, but your VPN connection will route between the two subnets.

You can use RRAS to set up a site-to-site VPN.
 
2008 R2 or 2012?
Either way it doesn't matter and VPN will work, but 2012 has so much more flexibility, a la DirectAccess, especially when it comes to remote connectivity.
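
The replies above come down to two steps: register the remote site and its subnet in Sites and Services, and confirm the DCs reach each other on their real, routed addresses across the tunnel. The following is an added example, not code from any poster in this thread. It assumes the ActiveDirectory PowerShell module from Server 2012 or later and `Test-NetConnection` (Server 2012 R2 or later), and every site name, subnet and address in it is a constructed placeholder.

```powershell
# Added example: run on a writable DC. All names and addresses are constructed.
Import-Module ActiveDirectory

$HubSite     = 'Default-First-Site-Name'  # assumed name of the existing site
$RemoteSite  = 'Hosted-Site'              # hypothetical site for the RODC
$RemoteCidr  = '10.20.0.0/24'             # constructed subnet behind the VPN
$RodcAddress = '10.20.0.10'               # constructed RODC address, not NATed
$LinkName    = "$HubSite-to-$RemoteSite"  # hypothetical site link name

# 1. Create the site and map the remote subnet to it, so machines on that
#    subnet locate the RODC instead of a DC across the tunnel.
if (-not (Get-ADReplicationSite -Filter "Name -eq '$RemoteSite'")) {
    New-ADReplicationSite -Name $RemoteSite
}
if (-not (Get-ADReplicationSubnet -Filter "Name -eq '$RemoteCidr'")) {
    New-ADReplicationSubnet -Name $RemoteCidr -Site $RemoteSite
}

# 2. Link the two sites so replication is scheduled over the VPN.
if (-not (Get-ADReplicationSiteLink -Filter "Name -eq '$LinkName'")) {
    New-ADReplicationSiteLink -Name $LinkName `
        -SitesIncluded $HubSite, $RemoteSite `
        -Cost 100 -ReplicationFrequencyInMinutes 60 `
        -InterSiteTransportProtocol IP
}

# 3. Check that the core AD ports answer on the RODC's own LAN address.
#    A failure here usually means a routing, firewall or NAT problem on the
#    tunnel. Port 135 only proves the RPC endpoint mapper is reachable; the
#    dynamic RPC range used for replication must also be allowed.
$Ports = [ordered]@{ DNS = 53; Kerberos = 88; RpcMapper = 135; LDAP = 389; SMB = 445 }
$Results = foreach ($Name in $Ports.Keys) {
    $Probe = Test-NetConnection -ComputerName $RodcAddress -Port $Ports[$Name] `
        -WarningAction SilentlyContinue
    [pscustomobject]@{
        Service   = $Name
        Port      = $Ports[$Name]
        Reachable = $Probe.TcpTestSucceeded
    }
}
$Results | Format-Table -AutoSize

# 4. Fail loudly if anything is blocked, before promoting the RODC.
$Blocked = $Results | Where-Object { -not $_.Reachable }
if ($Blocked) {
    throw "Blocked across the tunnel: $($Blocked.Service -join ', ')"
}
```

Running the same port check from the remote side toward a writable DC confirms the tunnel routes in both directions.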
 