Re: AS Sites and Services

Build out a vpn of site to site, creating a triangular connection. Thereby
any failure on one link wouldn't prevent site to site activity. We used to
do this on certain links that needed to be able to communicate in the event
of a hub failure. Yes, this would break the defined hub and spoke model and
I understand that but it is an option Cary (Former MVP himself) may need to
think about

--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.

"Marcin" <marcin@xxxxxxxxxxxxxxxx> wrote in message
news:%238FsZ$SLJHA.5952@xxxxxxxxxxxxxxxxxxxxxxx
Paul,
unless I'm misreading something, this is an example of hub-and-spokes
topology (so all traffic between remote locations flows via HQ). Assuming
that routing is still available following the HQ site failure, what sort
of manual links would you consider setting up (with the HQ-to-remote costs
assigned according to the info in the original post)?

best regards,
Marcin

"Paul Bergson [MVP-DS]" <pbergson@xxxxxxxxxxxxxxxxx> wrote in message
news:%23aKTr3SLJHA.5568@xxxxxxxxxxxxxxxxxxxxxxx
By down, do you mean physically? If so, then there would be no ability
to communicate so you would need to build out additional physical links
so that site-x could talk to site-y. Bridging will work as long as
connectivity (Routing) is still available. So you can look at that but
once you enable bridging the KCC will probably setup routes that won't be
optimum, so I would caution you to move slowly and think out what you
want and define all connections manually.

Although the link below is for large networks you should still read
through it, it speaks of things to evaluate before making network
changes.
http://support.microsoft.com/kb/244368

--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.

"Cary Shultz" <cshultz@xxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:e8QP4gSLJHA.6000@xxxxxxxxxxxxxxxxxxxxxxx
Good morning (again!)

We have a couple of clients who have multiple "remote" sites. The Site
Links are set up such that the "HQ" location is the center of the
universe. So, the Site Links look like this:

HQ - Remote1 100 90
HQ - Remote2 100 90
HQ - Remote3 100 90
HQ - Remote4 100 90
HQ - Remote5 100 90

This is all fine and good....but what if "HQ" goes down for several
hours?

Oh, should state that each location, typically, has a bonded T1 and that
there is a Firewall-to-Firewall VPN between each office and all the
others. Read: there is a valid network route from, say, Remote 3 to
Remote5.

I am interested in Redundancy. So, my thoughts are such:

Keep the existing Site Links. Cost is 100 and Replication Interval is
90 Minutes. This is depicted in the "chart" above.

Create additional Site Links, give them a Cost of 150 (for
example...point is, higher than 100) and a Replication Internal of 120
(just to keep things visually different). The question here is - what
is the most optimal "pairing" for the Site Links? 1 and 4, for example,
and 2 and 5 and then 3 and "pick one"?

There are two Domain Controllers in "HQ" and there is one DC in each
Remote Site. All DCs are also DNS Servers and GCs. Running Windows
Server 2003 SP2 in all cases.

Thanks,

Cary







.

Relevant Pages

  • Re: Remote Access and ISA Server in SBS 2003?
    ... I am glad to hear the Remote Access Wizard is working fine now. ... there is no difference in VPN between SBS 4.5 and SBS ... Error Message: VPN Connection Error 800: Unable to Establish Connection ... the external NIC of the SBS Server. ...
    (microsoft.public.windows.server.sbs)
  • Re: Connecting a remote workstation to a domain
    ... If you have more than a couple of remote workstations connecting to the SBS ... server via VPN, you really need to consider a Terminal Server in the main ... "Log in using a dial up connection" checkbox, ... roaming profile then synchronizes with the server over the VPN); ...
    (microsoft.public.windows.server.sbs)
  • Re: VPN Client
    ... Thanks for the help on losing the remote connection when you connect to VPN. ... Regarding the router port forward issue, you should point the port 1723 to ...
    (microsoft.public.windows.server.sbs)
  • Re: Outbound VPN connection & routing
    ... through VPN connection. ... You have to rerun the CEICW to make sure your SBS 2003 server have ... I suggest we try to manually create a VPN connection on the remote ...
    (microsoft.public.windows.server.sbs)
  • Sometimes it works sometimes it doesnt (VPN data issues)
    ... I am running a windows2k3 SBS server behind a linksys firewall. ... remote users having troubles connecting to our network. ... I figured this was a firewall issue blocking VPN data, ... the connection will stall and then starting the connection process ...
    (microsoft.public.windows.server.networking)
Loading