please explain

hiya

with the 291 exam its on about VPN's. Now I have a good idea of what they are but surely the end result is similar to a terminal services session ( as you can access the network/drives etc from there )

I know the difference, ie your logging into the network as opposed to using a remote version but what are the benefits or am I missing the obvious?

also Im happy with my last lab having 2 DC's in a single eviroment and replicating between them, but I presume that I would use AD sites and services/trusts to get them to talk/replicate if I had 2 different domains?

bare in mind that Im only just starting the 291 series and I may be trying to just be ahead of myself here.

thanks

Find more posts tagged with

Comments

amyamandaallen

forgot to add I presume the 'branch' or 'other site' DC doesnt connect via a VPN? it 'talks' via some other method. ( I presume this is within the scope of this exam )

Double thanks!

bighornsheep

VPN is a logical connection between two otherwise seperate networks (or nodes). It is a tunnel on top of existing connections such as the Internet. It also supports the use of IPSec (if implemented).

Terminal Services is a client-server framework whereas a VPN is a way of connecting networks together.

Active Directory is a directory protocol that allows centralized control of security and resources.

In essence, the three are indepedent, but a half-decent network will likely have all three.

sprkymrk

The VPN simply creates a "tunnel" through which other protocols can travel. So for instance, Terminal Services can be protected better by tunneling through a VPN connection. In this case you are still using RDP, but that RDP session is further encrypted by the VPN tunnel. So the VPN is nothing like Terminal Services. Terminal Services provides a remote desktop, while a VPN simply connects two points (hosts or networks) through which other protocols (http, ftp, RDP, whatever) can traverse.

amyamandaallen

thanks for taking the time to reply

for me to 'investigate' does any one know how I setup the following?

I have 2 servers on a router ( the routers the DHCP currently ) both on the same domain. now what I want to do is put one server on another network ( ie by changing the subnet

/ip ) and both servers will have static ip's. this will simulate 2 seperate networks joining over the internet. correct?

Cheers

sprkymrk

You'll need to somehow route between the 2 networks with a layer 3 device, or else get creative...

I assume your router has an external and internal interface. The external is ISP assigned and internally you are probably using a provate 192.168.x.x range. If you have one server on 192.168.1.x and the other hard coded to 192.168.2.x something needs to perform the routing for them to communicate.

amyamandaallen

Thats what I assumed.

I'll give it a try, many thanks.

Amy

amyamandaallen

Can someone assist please -

I have 2 servers setup via MS virtual server. one has a ip of 213.168.1.1 the other 213.168.1.2. Now they can both 'see' each other in network neighbourhood. Both are DC's in their own domain with their own AD.

My question is how do I link them together so I can log into either? and setup groups to cover/share/AD resources?

I assume that this falls within the 291 and not the 294 exam

Any help most welcome

sprkymrk

You need to set up a trust between the domains.

amyamandaallen

sprkymrk wrote:

You need to set up a trust between the domains.

thanks for replying

I just trolled technet. sometimes you cant see the wood for the trees.

sprkymrk

amyamandaallen wrote:

sprkymrk wrote:

You need to set up a trust between the domains.

thanks for replying

I just trolled technet. sometimes you cant see the wood for the trees.

Or the domain for the forest...

davenport

sprkymrk wrote:

You need to set up a trust between the domains.

That isn't necessarily true is it? If the domains are members of the same forrest in 2k3 they should trust each other by default. Correct?

sprkymrk

davenport wrote:

sprkymrk wrote:

You need to set up a trust between the domains.

That isn't necessarily true is it? If the domains are members of the same forrest in 2k3 they should trust each other by default. Correct?

You are correct, however the way I read the OP was that they were "in their own domain with their own AD", so I didn't think they were set up as a forest. Good clarification though, thanks.

amyamandaallen

sorry, their not part of a forest. Im trying to pretend to be seperate companies.

davenport

AH Gotcha! What did you name your pretend companies.