Re: 1 domain, 2 sites, 1 T-1, internal natting...




circuit wrote:

That's a lot of ifs! See inline:

Howdy everyone,

Current situation:
1 ms win2003 domain. Most users are in hq that houses citrix server
utilized by users in location2..
Citrix users in location2. Citrix users' client pc's belong to
workgroup, not domain (due to wan speed), therefore they access network
resources via Citrix only.

Dumb question (at least I think so, I am having difficulty with this
one):
If hq client machines are 192.168.1.x , and default gw for
hq=192.168.1.2 (long story why),
and location2 machines are 192.168.2.x and default gw=192.168.2.2

Would it be a stupid idea to change the location2 client machines to
the same network (192.168.1.x) and add them to the domain managed by
hq?

First of all, most T-1 connections are routed, so they must be on different networks. Secondly, you don't need to be on the same subnet to join them to the domain, you just need to have the clients using the DNS server for the domain (WINS too if you need to browse the networks).



I have a point-to-point T-1 with managed routers at both ends.

The primary issue, among many, is that I wanted to create a partially
wireless solution in location 2, and per linksys, whether you have a
WAP and/or a wireless router, changing the ip of the wireless device to
a .2 never works, and it loses connection.

Are you sure about this? There's no good reason why that wouldn't work. If it's a WAP, it doesn't even need an IP address except to manage it if you have another router. It just acts as a bridge between the wired and wireless sides.


Also I want to make sure
that if I change the location 2 to the same network (168.1.x) that
apps, logging in, etc over the WAN all of the above would be slower
than molasses...

I'm not getting this one. It may be possible to bridge across the WAN depending on equipment, but either way, 1.5 megabits is 1/67 the speed of most LANs. Routed or bridged, it will be slow.



Finally, in terms of scalability, if we get a 3rd site, a)would it be a
good recommendation to have server at each site communicating via the T
to headquarters site (either for dhcp relay, or application
replication, etc.)?? b)Is it possible to set it up as 192.168.3.x, and
how would this affect wireless authentication at that site?

Any network number will work as long as it's different from the other sites. Whether or not you need a server at each site depends on what you mean by server and what services the server is providing. It also depends on a whole lot of other things like how many computers/users at the remote site, how much data will need to move across the WAN, etc.


Thanks for the help in advance, this has been driving me bonkers.. I
know this is a long description but the more info in the initial
description, the better :-)


A few notes, observations.

1) If thin client (terminal services) is working, there's no need to have the remote clients members of the domain unless you need to apply group policy or other domain level stuff.

2) RDP has built-in encryption and you don't need a T-1 or even a VPN for security. You can run it directly over the Internet. Of course you'll want to take steps to harden your terminal server. If you have a firewall between the terminal server and the Internet and your remote site has a static IP, you can reject all traffic except from your site.

3) If you have high-speed Internet available at each site, you can usually do more for less. Here in Washington state where I live, I can get DSL up to 8 Megabits for less than $100/month. A T-1 across town is more than 3 times that and less than 1/5 the speed. A VPN appliance at each end can be had for less than $300.

....kurt
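
An added example for note 2 above (not part of the original post): a small first-match rule evaluator that compares a firewall policy publishing RDP to everyone with one that accepts RDP only from the remote site's static IP, plus an audit that reports allow rules wider than the intended source. The rule format, the function names and the addresses (documentation ranges) are assumptions made for illustration.

```python
import ipaddress
from typing import NamedTuple

class Rule(NamedTuple):
    action: str  # "allow" or "deny"
    src: str     # source network in CIDR form
    dport: int   # destination TCP port, 0 means any port

RDP_PORT = 3389
# Constructed value: stands in for the remote site's static public IP.
SITE_IP = "203.0.113.10"

# Weak policy: terminal server's RDP port published to the whole Internet.
WEAK = [Rule("allow", "0.0.0.0/0", RDP_PORT),
        Rule("deny", "0.0.0.0/0", 0)]

# Hardened policy: RDP accepted from the remote site only, all else rejected.
HARDENED = [Rule("allow", SITE_IP + "/32", RDP_PORT),
            Rule("deny", "0.0.0.0/0", 0)]

def decide(rules, src_ip, dport):
    """Evaluate rules top-down; first match wins, no match means deny."""
    addr = ipaddress.ip_address(src_ip)
    for rule in rules:
        if addr in ipaddress.ip_network(rule.src) and rule.dport in (0, dport):
            return rule.action
    return "deny"

def rdp_exposure(rules, allowed_sources):
    """Return allow rules covering RDP whose source is wider than allowed.

    This is a static check on each rule; it does not model shadowing by
    earlier deny rules, so treat findings as candidates to review.
    """
    allowed = [ipaddress.ip_network(a) for a in allowed_sources]
    findings = []
    for rule in rules:
        if rule.action != "allow" or rule.dport not in (0, RDP_PORT):
            continue
        net = ipaddress.ip_network(rule.src)
        if not any(net.subnet_of(a) for a in allowed):
            findings.append(rule)
    return findings

if __name__ == "__main__":
    for name, policy in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, decide(policy, "198.51.100.7", RDP_PORT),
              rdp_exposure(policy, [SITE_IP + "/32"]))
```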