Announcement

Collapse
No announcement yet.

Single domain branch office config

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Single domain branch office config

    Hi All.

    I have a single domain at one office, around 30 users.

    We are opening a branch office but i don't have a budget for a server however i require that the machines are in a domain. I plan to install a sonic wall at the branch site and connect back to the main office via ipsec tunnel.

    the branch office will house 5-10 users maximum.

    Main site
    192.168.0.x
    sn 255.255.255.0
    dns 192.168.0.1
    gw 192.168.0.254

    plans for branch sites
    192.168.2.x
    sn 255.255.255.0
    dns 192.168.0.1 (will need this for AD auth?)
    dns2 192.168.2.254
    gw 192.168.2.254

    I wondered if this is correct and if it would cause logon issues to the domain. i understand i should have a branch server to service logons, but since users only require internet and email (exchange roc over https) and i don't have a budget then this is my only way.

  • #2
    Re: Single domain branch office config

    Make sure you have a DHCP Relay Agent set on your routers or use static IPs
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    PhD, MSc, FIAP, MIITT
    IT Trainer / Consultant
    Ossian Ltd
    Scotland

    ** Remember to give credit where credit is due and leave reputation points where appropriate **

    Comment


    • #3
      Re: Single domain branch office config

      can i not use DHCP from the sonic wall at branch office? i can set the dns suffix to be the same.

      or should i use the same range at the branch office via a relay agent as you suggest for some reason?

      Comment


      • #4
        Re: Single domain branch office config

        I would use the dhcp server on the firewall. For some reason if there is an issue with the other side of the tunnel your clients wont be able to get addresses/dns etc which will impact their local internet traffic.
        CCNA, CCNA-Security, CCNP
        CCIE Security (In Progress)

        Comment


        • #5
          Re: Single domain branch office config

          Originally posted by auglan View Post
          I would use the dhcp server on the firewall. For some reason if there is an issue with the other side of the tunnel your clients wont be able to get addresses/dns etc which will impact their local internet traffic.
          That was my thought. however i need the primary DNS server to be the AD controller at the main office or they won't be able to logon to the domain.

          When i have done testing, i have to set the DNS suffix on the DHCP scope to be the same as the domain otherwise resolution doesn't seem to work correctly.

          Comment


          • #6
            Re: Single domain branch office config

            You could always add a secondary dns server (Open DNS, Goolge's public DNS) to your dhcp scope for your clients. That way if the primary goes down they still have dns resolution through a public dns server.
            CCNA, CCNA-Security, CCNP
            CCIE Security (In Progress)

            Comment


            • #7
              Re: Single domain branch office config

              something else to consider is if these clients will ever require file access - if they do, you could setup BranchCache - doesn't need a server.. just windwos 7 machines
              Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

              Comment


              • #8
                Re: Single domain branch office config

                Originally posted by mordzy
                i understand i should have a branch server to service logons
                What about one of those "toy" Servers (I believe they were a very cheap HP machine with Atom CPU - correct me if I have got it wrong) to run a RODC. This could also be used as a local File Server.
                1 1 was a racehorse.
                2 2 was 1 2.
                1 1 1 1 race 1 day,
                2 2 1 1 2

                Comment


                • #9
                  Re: Single domain branch office config

                  A hp microserver? I have one. Not quite a toy, I like it. Fill it with 8 gb ram and 4 disks and it's all good.

                  Would actually be a good. Rodc and fairly cheap
                  Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

                  Comment


                  • #10
                    Re: Single domain branch office config

                    Does it come with a Server 2008 R2 license?
                    If not, the software could be more than the server!
                    Tom Jones
                    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
                    PhD, MSc, FIAP, MIITT
                    IT Trainer / Consultant
                    Ossian Ltd
                    Scotland

                    ** Remember to give credit where credit is due and leave reputation points where appropriate **

                    Comment


                    • #11
                      Re: Single domain branch office config

                      no - doesn't come with software.
                      i think all up for hardware, (increase ram to 8GB ECC, 2x2GB disks, used existing 250GB disk and one i had spare) i paid about 750$AUD

                      licence would definitely cost more.. if you have MAPs though, it's ok..
                      it's actually quite a nifty server.
                      Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

                      Comment

                      Working...
                      X