Hi,
I have a question regarding the new setup of a two-node failover cluster with W2K8R2 nodes in a kind of DMZ, which means the site is separated from the LAN/AD by a firewall. Rules are set on the firewall that allow replication only to a read-only Domain Controller that is located in the site.
Installation of the cluster fails, even after pre-staging the cluster nodes and on the LAN side of the firewall.
Is this a supported configuration at all, or do the firewall admins have to open ports/apply additional rules to allow the two future cluster nodes communication with a writable DC in the LAN (behind the firewall) as I suggest?
Placing a writable DC in the site is not an option. Creating a separate AD/forest with trust to the main forest is also not an option.
Any other recommendations/procedures? Which ports/protocols must be opened on the firewall for the cluster nodes' IPs?
Thanks in advance!
Cheers!