Join two Domain Controls on two separate LANs together as if

nam2long
Posts: 2
Joined: Fri Nov 25, 2016 3:26 pm

Post by nam2long » Fri Nov 25, 2016 4:10 pm

I want to join my Amazon Web Services (AWS) domain to my in home Domain Controller. Essentially having it act as if all my AWS servers were here on site and eventually join another branch location to the network as if I was on one network connected via Ethernet and switch/router. I have been trying to do this for a while and I am pretty technical but VPN is a realm I have very little experience in. Please note that this is a project for learning experience and not for production. However, I would like to learn to implement this in production to be able to add experience to my resume. I really want to learn this so any help I can benefit from is appreciated.

So here we go:

1. OS: Windows Server 2012 R2 x64 on both networks

2. ipconfig:

>Server 1
Windows IP Configuration
Host Name . . . . . . . . . . . . : ITN-DC01
Primary Dns Suffix . . . . . . . : mydomain.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : us-west-2.ec2-utilities.amazonaws.com
us-east-1.ec2-utilities.amazonaws.com
ec2-utilities.amazonaws.com
ec2.internal
compute-1.internal
us-west-2.compute.internal
mydomain.local
Ethernet adapter Ethernet:
Connection-specific DNS Suffix . : us-west-2.compute.internal
Description . . . . . . . . . . . : AWS PV Network Device #0
Physical Address. . . . . . . . . : 02-24-23-29-96-9B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : *REMOVED PRIVATE IP*
IPv4 Address. . . . . . . . . . . : *REMOVED PRIVATE IP*
Subnet Mask . . . . . . . . . . . : 255.255.240.0
Lease Obtained. . . . . . . . . . : Thursday, November 24, 2016 6:52:37 PM
Lease Expires . . . . . . . . . . : Friday, November 25, 2016 4:22:40 PM
Default Gateway . . . . . . . . . : 172.31.16.1
DHCP Server . . . . . . . . . . . : 172.31.16.1
DHCPv6 IAID . . . . . . . . . . . : 203554827
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1F-AB-1E-62-02-24-23-29-96-9B
DNS Servers . . . . . . . . . . . : ::1
127.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.us-west-2.compute.internal:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : us-west-2.compute.internal
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes


>SERVER 2
Windows IP Configuration
Host Name . . . . . . . . . . . . : ITN-DC03
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : mydomain.local
myisp.net
Ethernet adapter VPN - VPN Client:
Connection-specific DNS Suffix . : mydomain.local
Description . . . . . . . . . . . : VPN Client Adapter - VPN
Physical Address. . . . . . . . . : 00-AC-D0-2A-64-06
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::8d1e:2dc:1919:1f83%18(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.30.11(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, November 25, 2016 7:02:05 AM
Lease Expires . . . . . . . . . . : Friday, November 25, 2016 9:02:05 AM
Default Gateway . . . . . . . . . : 192.168.30.1
DHCP Server . . . . . . . . . . . : 192.168.30.1
DHCPv6 IAID . . . . . . . . . . . : 553692368
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1F-C7-29-4F-30-8D-99-CC-9F-6
DNS Servers . . . . . . . . . . . : 192.168.30.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter Ethernet 2:
Connection-specific DNS Suffix . : myisp.net
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet #2
Physical Address. . . . . . . . . : 30-8D-99-CC-9F-60
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2602:304:cc14:4c0:d59e:f886:1958:4046(Pr
ferred)
Link-local IPv6 Address . . . . . : fe80::d59e:f886:1958:4046%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.5(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, November 24, 2016 9:24:51 PM
Lease Expires . . . . . . . . . . : Friday, November 25, 2016 9:24:51 PM
Default Gateway . . . . . . . . . : fe80::16ed:bbff:fe5d:6a5d%13
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 372280729
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1F-C7-29-4F-30-8D-99-CC-9F-6
DNS Servers . . . . . . . . . . . : 2602:304:cc14:4c0::1
192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter Ethernet:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
Physical Address. . . . . . . . . : 30-8D-99-CC-9F-61
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.myisp.net:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :myisp.net
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 12:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.mydomain.local:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : mydomain.local
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes


3. The result of "systeminfo" (Windows)
Summarized: ProLiant ML10 v2 with 16GB RAM, 1TB hard drive, Two NICs (one in use), Two virtual (see below)
[01]: Broadcom NetXtreme Gigabit Ethern
Connection Name: Ethernet
Status: Media disconnect
[02]: Broadcom NetXtreme Gigabit Ethern
Connection Name: Ethernet 2
DHCP Enabled: Yes
DHCP Server: 192.168.0.254
IP address(es)
[01]: 192.168.0.5
[02]: fe80::d59e:f886:1958:4046
[03]: 2602:304:cc14:4c0:d59e:f886
[03]: NeoRouter Virtual Network Interfa
Connection Name: Local Area Conne
Status: Hardware not pre
[04]: VPN Client Adapter - VPN
Connection Name: VPN - VPN Client
DHCP Enabled: Yes
DHCP Server: 192.168.30.1
IP address(es)
[01]: 192.168.30.11
[02]: fe80::8d1e:2dc:1919:1f83

4. The build number of SoftEther VPN:
9608 (I have the RTM)

5. Which SoftEther VPN component are you using?
I am using all for LAN-to-LAN, and my L2TP doesn't work with my Windows clients or my phone, if that helps

6. Whether or not there is a NAT or Firewall between your VPN server and the Internet.
(If there is a NAT or Firewall, you should open a TCP port for the VPN listener.)
I have all the ports listed as open for outbound and inbound on the AWS server... should these be opened for my home router? My home router is protected by the router's firewall and NAT... both servers have the firewalls turned off for now. I will work them back on when I get it working.

7. Are you using SecureNAT?
(If so, why don't you use the Local Bridge function instead?)
I was, but after disabling it there are no pings to either side. I have local bridge enabled though.

8. Your current vpn_server.config or vpn_bridge.config file should be attached on the post.
(You may hide your confidential information on these config files if included)

{ATTACHED VIA config.txt}



Again, any help will be appreciated. My end goal is to run my house like a business network... you know, I log into my desktop and have roaming profiles and can log into my laptop while in the back yard enjoying some sweet tea and have all my stuff there. I also want to access my home NAS from the AWS server to store files and host files via reverse proxy or mount the drive to Apache when I add one... lol

raafat
Posts: 223
Joined: Fri Jul 03, 2015 2:21 pm

Re: Join two Domain Controls on two separate LANs together as

Post by raafat » Sun Nov 27, 2016 11:05 pm

It's not clear what you want. Do you want to make the remote DC an additional DC to your home's DC? Or do you want to join machines from your home to the remote DC?

nam2long
Posts: 2
Joined: Fri Nov 25, 2016 3:26 pm

Re: Join two Domain Controls on two separate LANs together as

Post by nam2long » Sun Nov 27, 2016 11:27 pm

I want to join the home DC to the cloud one, but every time I do so it can't communicate with the other end. I also cannot see the other machines on my home network from the cloud server. Maybe I need a virtual LAN on both servers? But that sounds counterproductive to Site-to-Site VPN.


Would this be what I am looking for: https://www.seswan.com/viewtopic.php?f=8&t=4

I want one network... regardless of its location, and I want to have the same control over a PC as I would if it were in my LAN, even if they are different branches/networks.

raafat
Posts: 223
Joined: Fri Jul 03, 2015 2:21 pm

Re: Join two Domain Controls on two separate LANs together as

Post by raafat » Mon Nov 28, 2016 11:53 am

Do you mean by "join" making the home DC capable of communicating with the cloudy DC? I mean by "communicating" they both see each other as if they were on the same Ethernet segment/IP network. Or did you mean to use "join" as Microsoft defined in its docs?