none
Windows server 2012 - No users or any data when not connected to VPN

    Question

  • Hello,

    We are moving our entire company infrastructure to cloud so I was trying to replicate our AD-DC.

    I installed Windows Server 2012 R2 in the cloud and replicated our domain controller. To be able to replicate, i had to connect the new server to VPN first. I tried adding DNS IP of the DC to IPv4 settings, but it wouldn't connect until it was connected to VPN.

    The issue I'm having now is that, when the secondary DC is not connected to VPN, I can't see any of the data (users, computers, ...). I have to keep the original DC active until all other servers are transfered and connected to cloud so I can't transfer roles, but I can't even ping the DC in cloud from any other server in the cloud when it's connected to VPN.

    Is there any way to make both DCs active and independent of each other?

    Saturday, July 14, 2018 9:16 AM

All replies

  • Hi,

    Thanks for your question.

    Based on my experience, it is recommended to use VPN to do the communication between DCs for security. Due to open ports of AD required into Internet is very danger.

    First, we need to assure that the DCs can be routable to the cloud DC with PING or Tracert. Please make sure that ICMP port is opened between the two ends.

    Then, we’ll check that these ports AD replication required should be opened over the two ends devices (like firewalls or other devices). Please refer to the following article talked about the requirement of AD replication ports,

    Active Directory Replication over Firewalls

    https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-2000-server/bb727063(v=technet.10)

    Hope above information can help you.

    Highly appreciate your effort and time. If you have any question and concern, please feel free to let me know.

    Best regards,

    Michael


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Monday, July 16, 2018 2:46 AM
  • Hi,

    Just checking in to see if the information provided was helpful. Please let us know if you would like further assistance.

    Best Regards,

    Michael


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Wednesday, July 18, 2018 10:19 AM
  • Hi,

    Just want to confirm the current situations.

    Please feel free to let us know if you need further assistance.

    Best regards,

    Michael


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Sunday, July 22, 2018 9:34 AM