Domain – Setup domain controller over WAN/VPN/NAT

Tags: domain, domain-name-system, nat, vpn, windows-server-2016

We have a local LAN with devices/clients all using the 192.168.100.x range.
We have a remote site in the cloud, all using the same range.

We have a VPN between the two sites, with NAT at both sides:

  • local site: NAT 192.168.104.x -> 192.168.100.x
  • remote site: NAT 192.168.10.x -> 192.168.100.x

We have a domain controller locally (let's just say 192.168.100.60) and we want to set up a remote domain controller (192.168.100.61); however, we cannot seem to connect to the local DC from the remote server. The remote server has 2x network adapters, which I'm not sure is causing some issues. The error I get when adding a controller to an existing domain is 'an active directory domain controller for the domain "domainname" could not be contacted'.

Is there a better way of setting this up? I fear this method could cause confusion with the NAT in the middle, but changing our subnet is a huge task.

All DCs are Windows server 2016

Best Answer

So you want to have the same domain have domain controllers on both sides of this NAT? You can have communication working between these two networks, but if you try to set up a shared domain across them, the DNS will hold the REAL IP values for the opposite domain controllers. This will then make both of them think that the other domain controller is on the same subnet, and you will soon be running into more problems than changing the subnet.

You may be able to add a subnet and find some level of what can stay and what would need to be on non-NAT addressing.
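The reasoning in the answer, worked through as an added example (not code from the thread): the two DCs register their real 192.168.100.x addresses in DNS, and from the opposite site that address falls inside the local LAN, so clients treat the remote DC as on-link instead of routing to the NAT range. The site layout and record names are constructed from the question; the 1:1 NAT with an unchanged host octet is an assumption.

```python
from ipaddress import IPv4Address, IPv4Network

# Constructed from the question: both sites run 192.168.100.0/24 and see the
# other site only through a 1:1 NAT range (same host octet, different third octet).
SITES = {
    "local":  {"lan": IPv4Network("192.168.100.0/24"), "peer_via": IPv4Network("192.168.104.0/24")},
    "remote": {"lan": IPv4Network("192.168.100.0/24"), "peer_via": IPv4Network("192.168.10.0/24")},
}

# Hypothetical A records the two DCs would register in AD-integrated DNS.
# DCs register their real interface addresses, never the NAT-translated ones.
DC_RECORDS = {
    "dc1.corp.example": ("local", IPv4Address("192.168.100.60")),
    "dc2.corp.example": ("remote", IPv4Address("192.168.100.61")),
}

def nat_address(addr, peer_lan, nat):
    """Address at which a peer-site host `addr` (inside `peer_lan`) is reachable through 1:1 NAT `nat`."""
    offset = int(addr) - int(peer_lan.network_address)
    return nat.network_address + offset

def classify(from_site, name, sites=SITES, records=DC_RECORDS):
    """Verdict for one DC record as seen from `from_site`: on-link, conflict, via-nat or unknown."""
    home, addr = records[name]
    lan, nat = sites[from_site]["lan"], sites[from_site]["peer_via"]
    if home == from_site:
        return "on-link"    # the DC really is on this LAN
    if addr in lan:
        return "conflict"   # remote DC's real address overlaps the local LAN: clients
                            # ARP for it locally instead of sending it over the VPN/NAT
    if addr in nat:
        return "via-nat"    # record already carries the translated address
    return "unknown"

def audit(from_site, sites=SITES, records=DC_RECORDS):
    """Return {record: (verdict, address clients at `from_site` would actually need)}."""
    nat = sites[from_site]["peer_via"]
    out = {}
    for name, (home, addr) in records.items():
        verdict = classify(from_site, name, sites, records)
        if verdict in ("on-link", "via-nat"):
            expected = str(addr)
        elif verdict == "conflict":
            expected = str(nat_address(addr, sites[home]["lan"], nat))
        else:
            expected = None
        out[name] = (verdict, expected)
    return out

if __name__ == "__main__":
    for site in SITES:
        print(site, audit(site))
```

Running it shows each site flagging the other site's DC as a conflict, which is the "both think the other is on the same subnet" situation the answer describes.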
