AD Sites and Services NAT subnets?

By burnham187
in Microsoft (Windows)

 Share

Recommended Posts

Explorer

burnham187

Posted
Posted

Currently there is many different forests, many

of which are still NT4.0. We are currently working on migrating all

of them, about 10 or so, to fall under our single domain, single

namespace. Our single domain will host about 20,000 users. There is

probably more than 300 different Class C address being used total

between all of the sites, all doing there own internal IP addressing

scheme. Currently all of their clients are servers are using private

addresses. The reason this isnt a problem now is because a firewall

takes care of the external to internal mapping to the correct

destination. We will be changing the structure to where the main

Domain controllers that will be at each site will have external IP

addresses. The problem is we wont be able to change the way they do

their internal Ip addressing for their clients, which is where some of

them may have the same internal Subnets as we have. So how do we set

up the AD sites and services. As I know you are aware, AD sites and

services is where you create the physical topology of all the sites by

defining all of the subnets for each site. First question is must we

even add the internal client NAT subnets to the correct sites, or can

we get away with just using the external subnets that the DC's are

going to be using for each site. If we do have to add the NAT

subnets, this will be a problem as some of the other sites are using

the same internal NAT subnets as we are. I know someone is going to say restructure

there ip scheme to where there is no duplicate subnets, but that may not be an option

for us. Thanks for the help ahead of time.

Link to comment
https://www.neowin.net/forum/topic/221784-ad-sites-and-services-nat-subnets/
Share on other sites
Explorer

burnham187

Posted
  • Author
Posted

Thanks for the reply. Okay lets say that the DC's will stay on internal Ip addresses. This will be possible as we will be able to set up VPN's between the sites. What about the other sites that we cant controll their internal NAT Subnetes that interfear with other sites subnets meaning there may be a subnet of 10.10.40.0 in two or three different sites. Is this an issue in AD Sites and services? Thanks

This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • Here is how I fixed Windows 11 not booting after clean installation

      By FunkyMike · Posted

      Useful to know, thanks!
    • Here is how I fixed Windows 11 not booting after clean installation

      By TarasBuria · Posted

      Here is how I fixed Windows 11 not booting after clean installation by Taras Buria Story time. A couple of weeks ago, I experienced a very odd thing with my computers. I was trying to reinstall Windows 11 on my primary device, and everything was going smoothly until the installer performed the first restart. After that, my computer entered the boot disk selection screen instead of continuing the setup process. Huh, that's odd, said I, and selected Windows Boot Manager only to see it fall back into the same screen right away. Then I tried booting from the USB drive with the same result—the PC kept returning to the boot device selection screen, and removing the drive would send my PC to UEFI, again, with no way to launch Windows 11. I fired up my spare laptop, which has been sitting unused for quite a while, to see if I am dealing with a defective USB drive. Nope, Windows 11 installed and started without issues. After trying another drive and checking all the possible settings in UEFI, I decided to try disabling Secure Boot. Lo and behold, Windows 11 started as it should have been in the first place, continued the setup process, and reached the initial setup screen. Victory! After I finished the setup and applied all updates, I re-enabled Secure Boot, and Windows 11 started without issues. Some time later, I tried reinstalling Windows 11 on my laptop only to experience similar issues, with UEFI claiming a Secure Boot violation. I checked whether the drive works on my main PC, and yes, it installed Windows 11 without errors. I scratched my head, went to UEFI, turned off Secure Boot, and installed Windows 11 without issues. After that, I enabled Secure Boot. Note: I used the official Media Creation Tool app for my USB drive. Also, UEFI was properly configured for Windows 11, including no Legacy Mode, a GPT-partitioned drive, and TPM and Secure Boot enabled. From my experience, if you are dealing with similar symptoms, I recommend two things: If you use old Windows 11 install media, create a new one with the latest Windows 11 release, especially if you know your PC already has the latest Secure Boot certificates. If you cannot create a new one, turn off Secure Boot, complete the installation, download all available updates, and then re-enable Secure Boot in UEFI. Note that you need to turn off Secure Boot after installing Windows 11. Otherwise, the installer won't run, claiming a hardware requirements mismatch. I believe the problem hides in Secure Boot certificates that expire this month. Microsoft is currently rolling out new certificates, and maybe a mismatch was causing these issues for both of my systems. I am out of my depth to make a definitive statement; this article is flagged as "Opinion," as I only share my experience and some tips on how to fix the problem. If some of you possess deeper knowledge and understanding of the situation, please share it in the comments. As for everyone else struggling with computers not booting after a clean install, the two steps above should get you out of the pickle.
    • Microsoft releases new Windows 11 Media Creation Tool with the latest updates

      By +LightEco · Posted

      I gave the tool a chance the other day to make a USB. An hour later it was stuck at 0% downloaded. I downloaded the official ISO, downloaded Rufus, and made the USB myself in 15 min.
    • what other retro software do yall use

      By Nick H. · Posted

      <Moved to software discussion and support> I've got fond memories of Winamp. Changing the skins, the different visualisations etc. But now I just need a simple music player. MSN messenger would be another one, MSN Messenger Plus (I think?) offered so many different plugins. But again, it probably wouldn't work for me these days. And then there is miRC. i think it's still going these days, but lord i had fun with that back in the day. Now it's mostly stuff like Discord, WhatsApp group chats, Signal, Telegram... /me is showing his age...
    • what other retro software do yall use

      By flexorcist · Posted

      ive always been fascinated by old software this is an old video player for windows from apple

  • Recent Achievements

    • Conversation Starter
      flexorcist earned a badge
      Conversation Starter
    • One Month Later
      AndreaB earned a badge
      One Month Later
    • One Month Later
      agatameier earned a badge
      One Month Later
    • Week One Done
      agatameier earned a badge
      Week One Done
    • Week One Done
      ssd21345 earned a badge
      Week One Done

  • Popular Contributors

    1. 1
      +primortal
      518
    2. 2
      +Edouard
      198
    3. 3
      PsYcHoKiLLa
      147
    4. 4
      ATLien_0
      94
    5. 5
      Steven P.
      77
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!