|
Just to clarify my earlier statement: If
your connection between the Ciscos isn’t 100%
steady, it might take just those few millisecs too
long for the VPN to get put up, especially if you’re going for more than
the standard 3DES-MD5 sort and configure nifty requirements on the VPN.. in the meantime, your AD replication might just decide that
the other site’s down.. and if your luck’s
down, it’ll get the same result next replication time, etc, etc, I doubt
I need to draw a picture.. Just something I ran across once at a customer and
it was unnervingly annoying. :o) -----Original Message----- On a few occasions
I’ve seen this give some rather annoying results if the connection
between the Cisco’s is not 100% reliable. But if you’re gonna
use the Cisco’s in a VPN Server – Client config with a decent line
and there aren’t any restrictions firewall-wise, it should work decently.
(Not 100% sure if the Cisco VPN Server – Client thing works with two
525’s, to be honest, we had a 3000 VPN Concentrator on the other side,
so..) Oh, and using the
connection as ‘on demand’ should work alright, but if you can, put
up a dedicated VPN instead.. when I say that it ‘should work
alright’, it’s another one of those ‘perfect world’
scenarios.. ;) Paul. -----Original Message----- Hello
Collective List Wisdom ;) I’ve
just been tasked with setting up our AD to replicate over a Cisco Pix VPN.
I’ve assembled some links now to various Microsoft articles and Cisco
articles regarding most facets of what will be involved. What I’m looking
for are any “Gotcha’s” from the real world versus the perfect
one the writers of said articles tend to live in. Essentially setup is proposed
as follows: Here
– 2 DC’s (Windows 2003 Server) and 2 Cisco 525’s (high
availability) Remote
Site – 1 DC (Windows 2003 Server and 1 Cisco 525 VPN link
between here and remote site for AD Replication, etc. As I
said earlier, I’m mostly looking for “notes from the field”
covering things they DON’T tell you in most articles. I’m back to
my light reading…. r/ Lou |
