Archived from groups: microsoft.public.win2000.active_directory (
More info?)
I haven't tried this and I'm not going to do it.
Most prabably in a scenario like this I will try Herb's solution with the
VPN.
--
Andrei Ungureanu
www.eventid.net
Free Windows event logs reports
http://www.altairtech.ca/evlog/
"ares" <aresblade@hotmail.com> wrote in message
news:OgUluSOQFHA.1528@TK2MSFTNGP09.phx.gbl...
> have you tried this?
> someone did?
> do you have documentation?
> i think that microsft should have but can't find
> thanks
>
>
> "Andrei Ungureanu" <andreix at msn dot com> wrote in message
> news:eX6kqxFQFHA.2748@TK2MSFTNGP09.phx.gbl...
>> In theory you can do the following things:
>>
>> you should set a port used for RPC replication, because by default is a
>> dynamic port by modifying this registry key:
>>
>> HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NTDS\Parameters\TCP/IP
>> Port
>>
>> At the and of this page:
>>
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/TechRef/df20bd3e-9914-4a8d-bd5b-3b987c73a34d.mspx
>> you'll see a note with the ports used by AD replication. You must map
>> this ports in nat so that the first domain controller can hit the second
>> DC.
>>
>> Also you must put a static entry in the DNS zone from the first server so
>> that the second DC to look like it has the NAT server ip address.
>>
>> PS: also an interesting article:
>>
http://www.microsoft.com/serviceproviders/columns/config_ipsec_p63623.asp
>>
>>
>> --
>> Andrei Ungureanu
>> www.eventid.net
>> Free Windows event logs reports
>> http://www.altairtech.ca/evlog/
>>
>> "ares" <aresblade@hotmail.com> wrote in message
>> news:eIVulADQFHA.4020@tk2msftngp13.phx.gbl...
>>>i have a dc in one site and a dc in another site with nat in the middle
>>>can
>>> i join the two dc togheter?
>>> i mean have ad replicated with a nat in the middle (this is not a
>>> firewall
>>> question)
>>>
>>> dc1 10.1.1.2----------10.1.1.1nat192.168.0.1-----dc2192.168.0.2
>>>
>>>
>>> dc2 can see dc1 wit an ip like 192.168.0.3 that is the 10.1.1.2 natted
>>>
>>>
>>> how can i let it work?
>>>
>>> (NAT not firewall)
>>>
>>> thanks
>>>
>>>
>>
>>
>
>