
Currently, I've got a local Dell 330 server and a Dell T110 server that have linked DC's and use DFSR to sync files between each server.  One server runs 2012R, the other runs 2012.  Each runs Hyper-V and has two VM's, the DC and an FS.

It looks like I am going to rent a remote server, dump the T110, and essentially recreate it on my remote server.  I then understand that I can setup a VPN connection between the two servers to enable synchronization and data replication.

Here's what I don't get.  So long as my local server and its associated Meraki firewall are alive, my local, in office, users are direct connected to my local server via my Meraki firewall with dual WAN's, and either a Comcast or AT&T link in.  My users exclusively access the server via a VPN to the Meraki, which uses a symbolic URL so that connections can be made over either WAN, or they connect via ScreenConnect.

How do I set things up such that if I lose power and comms at my local site due to a hurricane... a very real possibility... I can have my remote server transparently become  the server that is used?  Do I need a cloud based SD WAN?  Not sure I understand it all.

TIA



9 Replies

· · ·
Kendell

It would appear that you're throwing lots of jargon terms in to solving a fairly common problem.  I would recommend hiring an MSP with experience in such systems, and learning as much  as you can about how to set it up from them.

6
· · ·
wayneherbert2

Kendell wrote:

It would appear that you're throwing lots of jargon terms in to solving a fairly common problem.  I would recommend hiring an MSP with experience in such systems, and learning as much  as you can about how to set it up from them.

That was a completely useless response, but thanks for replying.

2
· · ·
deanmoncaster

I would second Kendell here, and no, it isn't really a useless response.

I did this a long time ago; I had a point-to-point VPN between two Cisco firewalls over a leased line. This seamlessly connected the entire AD Forest and allowed replication for catalogues and domain controllers. This was a time before cloud was even a thing.

Our fix to this was to install a second line so if the first one went down the second one would take over, it meant failover firewalls and routers but it worked exactly as expected.

The thing I don't get here is this: you say "So long as my local server and its associated Meraki firewall are alive, my local, in office, users are direct connected to my local server via my Meraki firewall with dual WAN's,"

My first thought is, "what the heck does that mean?" I think you need to explain the scenario here better, because that reads "my local in office people can access my local in office server through a firewall". That is expected: they are local, they would be using your LAN and they can access it, easy. But then you say "How do I set things up such that if I lose power and comms at my local site due to a hurricane they can seamlessly access the cloud server?". Well, you have to think: if they are local in office users and they have lost access to a server that is sitting in the same office as they are, how the heck are they going to be able to access the internet to connect to a remote cloud server? You have potentially lost power and network comms, which is why they cannot access the local server. Your server will be on a UPS; the local users more than likely won't be. Chances are their local machines have turned off due to no power. Overall they stand more chance of accessing the local server than the remote one in the cloud.

To try and make sense of this scenario you have posted, I have interpreted a lot of what you possibly really meant, and this is what I have come up with. I am going to guess that everyone, while local to the area, is really remote working and not in the same office as the server at all. They are connecting remotely to the local server via VPN and you want to know how to get people to use a cloud server when the local in office server isn't available due to a hurricane or other such failure? Is that getting somewhere close to where you are thinking? My first thought is, why can you not just use the cloud server at all times? Is there a reason for this or is it something you could not use? It would negate the need for failovers and complicated setups etc.

Alternatively, I would say that an MSP setting this up for you would be a far better thing to do, as they can support it and make changes for you as and when it is required. You can learn from them and use them as a stepping stone into this world so you know for the future.

I think you need to explain the scenario a little better and clearer, because right now what you have written doesn't overly make sense unless I guess at what you might be actually asking, which could be wide of the mark and doesn't help you at all.

Can you draw a picture of the setup you have now?

6
· · ·
michaelbell3

I agree with the respondents, as what you are explaining doesn't make sense. Get help as suggested; once you get a handle on how they do it, you can probably take it over. There is a lot of complexity in what you are trying to do, and no one best fix. There are many options to do, at least, what we think you want to do, but without a better understanding of your current configuration, and with a nonsensical objective, there is not much we can do to help. It does beg the question: if your local site has lost power, how are they supposed to access anything, much less a remote server?

2
· · ·
Kendell

I admit, I could have elaborated a little more in my initial response.  Apologies if I came off as rude...that was not intended.  I think both of the other posters here relayed our mutual sentiment more eloquently than I.

There is no shame in bringing in a consultant more experienced in a given technology set that one is not familiar with...I commonly do so myself.

0
· · ·
wayneherbert2

Kendell wrote:

I admit, I could have elaborated a little more in my initial response.  Apologies if I came off as rude...that was not intended.  I think both of the other posters here relayed our mutual sentiment more eloquently than I.

There is no shame in bringing in a consultant more experienced in a given technology set that one is not familiar with...I commonly do so myself.

I'll bring in a consultant, if and when I deem it is necessary, and if I even decide to go this route.

Spiceworks has previously been a good place to get tips and understanding for a wide variety of technical issues.

I'm not dumb, I'm not inexperienced... I want a solid understanding of the basics before seeking out vendors and/or consultants.

Looks like it's time for a conversation with Professor Google.

And FWIW, a restatement of the goal.

  1. I have a small in house Dell T330 server with two VM's, a DC and an FS
  2. I want to rent a server from a hosting provider and I want to spin up two VM's on it as well, a DC sync'ed with my local server and an FS that replicates with my local server using DFS.
  3. I have already confirmed with my potential hosting provider that I can setup a site to site VPN using my in house Meraki such that my rented server is in the same subnet as my local server.  I can then initiate my replication activities.

My users currently access my local servers through a VPN connection, handled by my Meraki firewall.  I want a setup that provides my users with a VPN address that is smart enough to direct traffic to my local servers or to my remote servers if my local servers don't respond.

2
· · ·
Kendell

That's fair.  Thank you for the clarification of your scenario.

For transparency, I do not believe that anyone here was calling anyone "dumb" or "inexperienced."

Given your clarified description of your scenario, I suppose I would have to echo deanmoncaster's question: "why can you not just use the cloud server at all times?"

It would very much simplify your scenario, and take potential physical/environmental challenges out of the equation. You could still use your existing Meraki infrastructure on-location (good stuff), and as an added bonus, it would give you a level of High Availability and likely provided/managed backup systems (depending on cloud vendor). With this sort of cloud-based solution, there would probably still be a VPN component of some sort that might be determined/recommended based on cloud vendor, but I suspect your Meraki systems would be compatible with most major vendors.

I would, however, recommend that you do not run both on-premise solutions and your cloud solutions on the same subnet.  Again, I suspect your Meraki infrastructure could handle the routing between disparate subnets, and would eliminate any kind of extraneous broadcast traffic needlessly eating up your Internet bandwidth.

Regards

2
· · ·
deanmoncaster

I like what Kendell said.

Basically if you can configure some sort of round robin DNS config with weights that would suffice.

https://en.wikipedia.org/wiki/Round-robin_DNS

Or even just a set of SRV DNS entries with weights would work.

https://en.wikipedia.org/wiki/SRV_record

FQDN                  WEIGHT  IPADDRESS
remote.mycompany.com  10      127.0.0.1
remote.mycompany.com  20      127.0.0.2

Then, when the first address is not available, the end users could access the second seamlessly using the DNS entries.

DNS failover is something that might be worth looking into.

https://dnsmadeeasy.com/services/dnsfailover/

That should give you what you need, at least from an end user perspective. You will need a low TTL, however; otherwise you will get stale addresses in your end user PCs.

Does that help start the ball rolling?

1
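The health-checked DNS failover and low-TTL point raised in the post above, as an added sketch that is not part of the thread or any vendor's code: a monitor decides which address the failover record publishes, and a helper bounds how long clients can keep resolving the dead site. The addresses, thresholds and function names are assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed addresses from the RFC 5737 documentation ranges (not from the thread).
PRIMARY = "192.0.2.10"       # assumed: office VPN endpoint
SECONDARY = "198.51.100.20"  # assumed: hosted-server VPN endpoint


@dataclass
class FailoverMonitor:
    """Decides which address the failover record should publish."""
    fail_threshold: int = 3     # consecutive failed probes before switching away
    recover_threshold: int = 5  # consecutive good probes before failing back
    active: str = PRIMARY
    _fails: int = 0
    _oks: int = 0

    def observe(self, primary_up: bool) -> str:
        """Feed one health-probe result for the primary; return the address to publish."""
        if primary_up:
            self._oks, self._fails = self._oks + 1, 0
            if self.active == SECONDARY and self._oks >= self.recover_threshold:
                self.active = PRIMARY
        else:
            self._fails, self._oks = self._fails + 1, 0
            if self.active == PRIMARY and self._fails >= self.fail_threshold:
                self.active = SECONDARY
        return self.active


def simulate(probes, **thresholds):
    """Return the published address after each probe result in `probes`."""
    monitor = FailoverMonitor(**thresholds)
    return [monitor.observe(up) for up in probes]


def worst_case_stale_seconds(probe_interval_s, fail_threshold, ttl_s):
    """Upper bound on how long a client can keep the dead address.

    The outage starts just after a good probe, so detection takes
    probe_interval_s * fail_threshold; a resolver that cached the old
    answer just before the switch then holds it for one full TTL.
    Probe timeouts and provider propagation delay are ignored.
    """
    return probe_interval_s * fail_threshold + ttl_s
```

With 30-second probes and a threshold of 3, a 60-second TTL bounds the stale window at 150 seconds, while a one-hour TTL stretches it past an hour; the separate recovery threshold keeps a flapping WAN link from bouncing users between sites.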
· · ·
dbmachar

Sometimes it makes sense to bring in a consultant because we are not experts at everything IT. I know a large amount of things, but I would say I am only proficient at 70% of it. For the things you are not so proficient at, to me it makes sense to bring in someone who is more versed in that area and save time and aggravation. This also seems to be a good learning experience to pick up new skills when working with said consultants. Try my thoughts here!!!
1