Announcement

Collapse
No announcement yet.

Branch Site Server

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Branch Site Server

    Hello.

    I have SBS 2008 Premium set up at my main office.

    I have set up a second standard 2008 server which I intend to use at our branch office.

    I joined it as a second Domain Controller (at the main office on the LAN), and have added DFS replication.

    I have a Belkin domestic router at the main office for the internet, and a BT 2-Wire Business hub at the branch office.

    What I can't seem to find anywhere, are instructions on how to move the second server to the branch site, and make the link to the SBS server over the internet using a VPN.

    Any help or pointers would be greatly appreciated.

    Thanks in advance.

  • #2
    Re: Branch Site Server

    Another few questions, as i've been googling like crazy trying to find out how to do this...

    Do I NEED to have two NIC's in my remote branch site server standard 2008 to do this VPN configuration? Ie One for the LAN and one for the WAN? or can it send everything through the one NIC connected to the internet.

    Secondly, I assume my SBS server desn't require two NIC's, as it already allows LAN operation and regular VPN access for remote clients. ?

    Sorry about my lack of knowledge here, but it's my own business and am trying to make the most of what I can do without additional costs.

    Cheers,

    Ian.

    Comment


    • #3
      Re: Branch Site Server

      You only need one NIC if the routers are handling the VPN

      Basic process
      Create Site and Subnet in ADSS
      Physically relocate DC, configure IP address and register in DNS
      Move DC to new site in ADSS
      Tom Jones
      MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
      PhD, MSc, FIAP, MIITT
      IT Trainer / Consultant
      Ossian Ltd
      Scotland

      ** Remember to give credit where credit is due and leave reputation points where appropriate **

      Comment


      • #4
        Re: Branch Site Server

        Your SBS box can't have a second NIC, since 2008 only one NIC is supported.
        BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
        sigpic
        Cruachan's Blog

        Comment


        • #5
          Re: Branch Site Server

          Good call!
          Tom Jones
          MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
          PhD, MSc, FIAP, MIITT
          IT Trainer / Consultant
          Ossian Ltd
          Scotland

          ** Remember to give credit where credit is due and leave reputation points where appropriate **

          Comment


          • #6
            Re: Branch Site Server

            OK, so only one NIC in my SBS box... what about my remote site standard box?

            Also, Ossian mentioned creating a subnet, however, I thought SBS didn't allow a subnet...

            And I don't want to use hardware routers to control the VPN link, I want to do it within RRAS.

            It's just the steps to configure the calling 2008 standard box and the answering 2008 SBS box I need.

            I've already set eveything up on the LAN, I now want to move it off to a remote site and create the "Link" over the internet.

            SBS box - 192.168.2.200 - SBServer.domain.local
            2008 Standard box - 192.168.2.250 - 2008Site.domain.local
            Clients - 192.168.2.11-30
            Belkin Router - 192.168.2.1

            Remote/site office - BT Business Hub - can be set up however I like, and if needed, I can use Two NICs in this 2008Site Server.

            Comment


            • #7
              Re: Branch Site Server

              SBS has absolutely no problem with subNETs -- you are thinking about subDOMAINS (child domains) which are not allowed.

              Why not let the routers handle the VPNs? -- they are designed for that, while RRAS isn't really
              Tom Jones
              MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
              PhD, MSc, FIAP, MIITT
              IT Trainer / Consultant
              Ossian Ltd
              Scotland

              ** Remember to give credit where credit is due and leave reputation points where appropriate **

              Comment


              • #8
                Re: Branch Site Server

                Do I need subnets though?

                Can I not just keep them all on 192.168.2.X ? Or does it need to be on a subnet for some reason?

                we don't have that many computers/clients.

                I don't think my belkin router handles VPN tunnelling, and I've heard about problems with the BT business hub too.

                Comment


                • #9
                  Re: Branch Site Server

                  You will need subnets to allow computers in one site to reach computers in the other, and also to access the internet via the correct default gateway.

                  Most ADSL routers will handle VPNs quite easily -- cost should not be above 40-50 per site and this will be offset against the time you would otherwise spend fighting with RRAS!

                  Have you considered getting a consultant to plan and set this up for you?
                  Tom Jones
                  MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
                  PhD, MSc, FIAP, MIITT
                  IT Trainer / Consultant
                  Ossian Ltd
                  Scotland

                  ** Remember to give credit where credit is due and leave reputation points where appropriate **

                  Comment


                  • #10
                    Re: Branch Site Server

                    I've looked as hard as I can on both my Belkin F5D8236 and my Belkin F5D9230 and can't find anywhere on the web-based setup to set up a VPN.

                    Could you recommend some routers for me?

                    I'm not using anyone external, as I'd like to learn how to do this myself to enhance my networking knowledge... it can't be that difficult can it?

                    The main reason for me wanting to di this, is so that we have files available using DFSR at the remote site that sychronise with the main server overnight.

                    Rather than our current situation where the remote clients VPN individually and use W7 Offline Files synchonisation on mapped drives.

                    Can I not just set the Site server to log onto the Domain over its own VPN somehow, and then the users on the site side will thus see the LAN as if they were in the main office? I can see how this would be set up using two NIC's... is this the way I should be looking to go?

                    Comment


                    • #11
                      Re: Branch Site Server

                      Personally I prefer to use RRAS for site-to-site VPNs and for VPN client access. This technet blog gives details on how to set it up along with an explanation of why it needs to be done this way.
                      BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
                      sigpic
                      Cruachan's Blog

                      Comment


                      • #12
                        Re: Branch Site Server

                        Well, i've spent all day on this, and I mean 12 hours solid.

                        At one point i managed to get a connection, and pinged the remote server from the main, but not the other way round.

                        I've tried Everything, and now I can't even get a one way ping.

                        I've followed all sorts of instructions, mainly the last one mentioned by cruachan, which got something going, but not a total success.

                        Even tried the two NIC's in the site server (which got me a one way ping from the Main server)...

                        I'm at a loss.

                        Comment


                        • #13
                          Re: Branch Site Server

                          Have you given the second DC a Static IP or does it receive the IP via DHCP?
                          Were you able to connect to each Server without problems when you setup the second DC?

                          See if this helps. http://wintivity.wigital.net/blog/20...rver-2008-vpn/

                          There is other reading here that may be of interest like the second link from the bottom. http://www.google.com.au/#hl=en&suge...w=1366&bih=572

                          Belkin VPN guides. http://www.google.com.au/search?hl=e...w=1366&bih=572
                          1 1 was a racehorse.
                          2 2 was 1 2.
                          1 1 1 1 race 1 day,
                          2 2 1 1 2

                          Comment

                          Working...
                          X