Re: Remote site not replicating after ISA upgrade

any time...

--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator

"Ryan Novagrp" <RyanNovagrp@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:D21BA295-1846-4BE8-A536-9795666849C3@xxxxxxxxxxxxxxxx
Hi Jorge,

Thank you for your response but I've figured out that its the ISA 2004
server blocking traffic only between the home office and this one remote
site. Both ISA and AD are configured in hub and spoke layout. The crazy
thing
is all 5 other spokes are replicating traffic for AD and files with no
problem. It's a single spoke having the problem and the configuration is
literally identical to the other 5. It's not all traffic being blocked,
users
at the problem site are still able to connect over the VPN to the exchange
server here in our main office. I can also remote desktop from the home
into
the remote problem site servers. It just seems to be the server to server
replication traffic that is being blocked by ISA. So this probably isn't
the
best forum to answer this question, being its not AD issue. I appreciate
your
help regardless.

Ryan

"Jorge Silva" wrote:

Hi



Can you give more Detailed Info about ISA Remote site configuration?

- Are all sites able to reach each other?

- Do you have one VNP Connection from each site to main site (Hub Spoke),
or
you are having 1 VPN connection from each site to each site (Mesh)?

- Can all DCs ping each other By FQDN.

- Did you defined route option under network rules to each site.

- Did you defined the Firewall Access rules for each site.



How you have your DNS configuration?



Results for:



Dcdiag /d /c /v

Netdiag /debug /v





I've increased the cost on
this site link and decreased the replication interval and still having
same
issues. Anyone come across this scenario? Thanks



Are your site links transitive (default-Bridge all sites links)? If yes
you
should make sure that all sites reach each other.

When you increase the cost for site link, you should pay attention,
because
assuming that your site links are transitive (default), if the cost of
the
site link is higher than the sum of 1, 2 or more site links to the same
destination, the alternate path is chosen, and if your DCs in different
sites aren't able to reach each-others you'll have problems.



Event ID 1311: Replication configuration does not reflect the physical
network

http://technet2.microsoft.com/WindowsServer/en/Library/062e8eaa-27e0-4c5e-bc2b-2913ecce24b81033.mspx?mfr=true



--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator

"Ryan Novagrp" <RyanNovagrp@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:65BD6873-4F30-4BD3-A1C0-A179106E1007@xxxxxxxxxxxxxxxx
Recently upgraded our home office SonicWall Firewall/VPN to ISA 2004
Standard. After the upgrade I noticed replication errors in Directory
Service
and FRS logs for one of our remote sites. Mostly KCC events 1865, 1566,
1311.
Also NTDS Replication event 1232.

I've attempted MS article http://support.microsoft.com/?kbid=830746 on
both
the remote site DC and the home office DC. I've rebooted each DC after
making
the registry change and I'm still receiving the 1232 events and all
other
replication problems. Also yes this ISA 2004 Standard is running on
Server
2003 SP1, and yes I've installed ISA 2004 SP2. And all RPC traffic and
replication is running normal to my 5 other remote sites which all run
VPN
connections through ISA in exact same configuration. This one remote
site
that is having the problem just happens to have the slowest connection.
I
use
site links to control the replication traffic from the home office to
each
individual jobsite in a hub-spoke configuration. I've increased the
cost
on
this site link and decreased the replication interval and still having
same
issues. Anyone come across this scenario? Thanks,

Ryan





.

Relevant Pages

  • Re: Remote site not replicating after ISA upgrade
    ... Can you give more Detailed Info about ISA Remote site configuration? ... When you increase the cost for site link, you should pay attention, because ... Replication configuration does not reflect the physical ...
    (microsoft.public.windows.server.active_directory)
  • Re: Questions regarding replication connections
    ... Let me start by saying that if you have 3 different subnets and 3 different sites you should create 1 subnet for each different site, remember you can have multiple subnets assigned to one site, but you CAN'T have more than 1 site assigned to the same subnet. ... Also note that Sites and subnets play a very important role in user authentication, AD replication, File replication, COs, etc... ... The Knowledge Consistency Checker uses site link configuration information to enable and optimize replication traffic by generating a least-cost replication topology. ... have a high-speed connection such as a T1 and a dial-up link in case the T1 ...
    (microsoft.public.windows.server.active_directory)
  • Re: Controling intersite replication in ADAM
    ... I selected no replication for both new sitelink object ... I read the doc which said Default there is a DEFAULTIPSITELINK Site Link ... > an ADAM instance belonging to the site link for which you want to configure ... In the console tree, double-click the sites container ...
    (microsoft.public.windows.server.active_directory)
  • RE: Replication Topology Redesign
    ... Planning Replication for Branch Office Environments ... newsgroups are focused on break-fix scenarios, and as such the support we ... | one of the core servers in that site link? ...
    (microsoft.public.win2000.active_directory)
  • Re: Controling intersite replication in ADAM
    ... No you can remove the two sites from DEFAULTIPSITELINK if you want to. ... > In fact i did create new site link. ... >> You can define the schedule when replication is allowed to take place on ...
    (microsoft.public.windows.server.active_directory)
Loading