Options
Setting up AD Sites and Subnets in VirtualBox
Haunt
Member Posts: 62 ■■□□□□□□□□
I currently have a 2008 AD domain with 2 DC's setup in VirtualBox. I'm using pfSense as the gateway between the domain and the Internet connection from my computer. It has one LAN NIC that's serving the domain internally and another WAN NIC that's internet connected through my host PC. So the DC's (on 192.168.2.0) can communicate with each other and still have access to the Internet.
This setup has worked great, but I want to setup another 2 DC's in the same domain but in another site and subnet (192.168.3.0) so I can configure replication, but I can't figure out how I need to network them. I've tried adding a third NIC to pfSense and configuring it for the 192.168.3.0 subnet but I can't get it to communicate with the .2.0 subnet DC's. I think it's being routed out to my actual DSL router through the WAN NIC when I need it to route it to the .2.0 NIC and onto my .2.0 subnet DC's.
Really hoping someone has set something like this up that can give me a definitive answer on how to get it to work but I would really appreciate any suggestions at all as I've tried so many things that haven't worked and am ready to pull my hair out!
This setup has worked great, but I want to setup another 2 DC's in the same domain but in another site and subnet (192.168.3.0) so I can configure replication, but I can't figure out how I need to network them. I've tried adding a third NIC to pfSense and configuring it for the 192.168.3.0 subnet but I can't get it to communicate with the .2.0 subnet DC's. I think it's being routed out to my actual DSL router through the WAN NIC when I need it to route it to the .2.0 NIC and onto my .2.0 subnet DC's.
Really hoping someone has set something like this up that can give me a definitive answer on how to get it to work but I would really appreciate any suggestions at all as I've tried so many things that haven't worked and am ready to pull my hair out!
Comments
-
Optionscruwl
Member Posts: 341 ■■□□□□□□□□
Im not familiar with pfsense, but if you cant get that work you can always create a new site and manually move a DC or 2 into it. Just dont set any ip subnets to either Site. Site replication should then function.
Thats what I did for my lab until I installed another router and used a laptop in a different subnet to host VMs. -
OptionsHaunt
Member Posts: 62 ■■□□□□□□□□
I figured out how to do this so if anyone else wants to do something similar reply here or PM and I'll explain how. I'm nearly bald after all the hair I pulled out trying to figure this out, sheesh.
-
Options
Valor85
Member Posts: 16 ■□□□□□□□□□
I'd like to know how to do it. I use pfsense too! I tried one time but couldn't get the two subnets to communicate with each other. -
Options
MentholMoose
Member Posts: 1,525 ■■■■■■■■□□
I've never used pfsense, but this is very simple with any Linux OS. Follow this guide:
HOWTO: Linux NAT in Four Steps using iptables
The guide is for only one internal network, so you must add similar FORWARD rules for additional internal networks to access the outside, and add FORWARD rules to forward traffic between each internal network.
I used such a configuration to lab a multi-site layout when studying for MCITP: SA and EA. I also installed and configured a DHCP relay on my Linux router VM to lab multi-scope DHCP.
A sample of the iptables configuration is here:
Simple Linux NAT router - Pastebin.com
p2p1 is a Bridged or NAT interface in VirtualBox, and p7p1 and p8p1 are Internal interfaces.MentholMoose
MCSA 2003, LFCS, LFCE (expired), VCP6-DCV -
Options
Routerronin
Banned Posts: 76 ■■□□□□□□□□
MentholMoose wrote: »I've never used pfsense, but this is very simple with any Linux OS. Follow this guide:
HOWTO: Linux NAT in Four Steps using iptables
The guide is for only one internal network, so you must add similar FORWARD rules for additional internal networks to access the outside, and add FORWARD rules to forward traffic between each internal network.
I used such a configuration to lab a multi-site layout when studying for MCITP: SA and EA. I also installed and configured a DHCP relay on my Linux router VM to lab multi-scope DHCP.
A sample of the iptables configuration is here:
Simple Linux NAT router - Pastebin.com
p2p1 is a Bridged or NAT interface in VirtualBox, and p7p1 and p8p1 are Internal interfaces.
Didnt knowyou microsoft boys did such things. Nice. -
Optionszell_udm
Registered Users Posts: 1 ■□□□□□□□□□
This thread has been a fortunate find so far. I found something else using another Windows machine instead of pfSense,
https://smtpport25.wordpress.com/2010/08/21/configuring-windows-2008-r2-ad-multi-site-with-routing-and-route-access-configuration-for-the-lab/
Hi Haunt,
I'm new to this forum and unable to PM you. I'm curious to know of your pfSense setup that helped you achieve this. I have the exact same machines on VirtualBox and braking my head on getting this up/
