Phone sales support +39 0575 05077
  Phone technical support +39 0575 0508
 
Cloud Server > 17 - Design a data center > Configurazione server Windows

17.10.1 Configurazione server Windows Cloud Server Pro service guide

In this second part, specific for those with Windows servers, we proceed with the configuration of the Cloud Servers in the two data centers so they can reach one another through the private  OpenVPN tunnel that has been established.
This is the diagram of the network we are creating:
 

The pre-requirements for this guide are the same as the first part, and in particular you need to connect a network adapter of the Cloud Server through a Virtual Switch to the pfSense router/firewall.
To allow the "server1" to reach the "server2" first of all you need to connect the "server1" with the "pfsense1" through a private IP address (in the example we will use 10.0.1.100), assigned to the second network adapter. The "server1" and "server2", object of this guide, can continue to have their public IP address, through which to communicate directly to and from the Internet. The traffic addressed to the other server will travel through the private OpenVPN tunnel established between "pfsense1" and "pfsense2".
 
 ATTENTION: to avoid problems in case of error while following these instructions, persistent problems such as to block the Cloud Servers, in this guide we will configure the routing TEMPORARILY.
This means that the configurations will only last until the server (or the relevant network interfaces) is rebooted. In case of failures simply reboot "server1" and/or "server2" to restore the previous configuration. However, it is possible to simply make these changes permanent, as indicated below in this guide
Here is a diagram of the network we are creating:
 
 

1 - Configure "server1"

  • 1.1connect to your Windows Cloud Server through Remote Desktop using the  "Administrator" user
  • 1.2configure a private network in the Windows Cloud Server. During this step you need to note down the name of the network adapter you are configuring (this is usually "Lan 2")
  • 1.3allow all the traffic for the network interface connected to "pfsense1" via the "virtual switch 1"
  • 1.4open "Command Prompt"
  • 1.5type in the command: route add 10.0.2.0 mask 255.255.255.0 10.0.1.1
  • 1.6for Windows 2003
    • 1.6.1check the name of the network adapter connected to "pfsense1" configured in step 1.2 (the name is usually "Lan 2")
    • 1.6.2if the name of the network adapter is not "LAN 2" replace the name in the following command, otherwise type in the command: netsh firewall set opmode mode=disable interface="LAN 2"
  • 1.7for Windows 2008 and later versions
    • 1.7.1type in the following command: netsh advfirewall firewall add rule name="Allow OpenVPN LAN" dir=in action=allow localip="10.0.1.0/24"

2 - Configure "server2"

  • 2.1connect to your Windows Cloud Server through Remote Desktop using the  "Administrator" user
  • 2.2configure a private network in the Windows Cloud Server. During this step you need to note down the name of the network adapter you are configuring (this is usually "Lan 2")
  • 2.3allow all the traffic for the network interface connected to "pfsense1" via the "virtual switch 1"
  • 2.4open "Command Prompt"
  • 2.5type in the following command: route add 10.0.1.0 mask 255.255.255.0 10.0.2.1
  • 2.6for Windows 2003
    • 2.6.1check the name of the network adapter connected to "pfsense1" configured in step 2.2 (the name is usually "Lan 2")
    • 2.6.2if the name of the network adapter is not "LAN 2" replace the name in the following command, otherwise type in the command: netsh firewall set opmode mode=disable interface="LAN 2"
  • 2.7for Windows 2008 and later versions
    • 2.7.1type in the following command: netsh advfirewall firewall add rule name="Allow OpenVPN LAN" dir=in action=allow localip="10.0.2.0/24"
After checking that the servers work correctly, if you wish to make the changes to the routing made in steps 1.5 and 2.5 permanent (therefore persistent after rebooting), it is possible to change the command by adding the parameter "-p". The commands in steps 1.5 and 2.5 will become the following: route –p add 10.0.2.0 mask 255.255.255.0 10.0.1.1 route –p add 10.0.1.0 mask 255.255.255.0 10.0.2.1

3 - Check connection

  • 3.1from "server1"
    • 3.1.1open "Command Prompt" and type in the following command: ping 10.0.2.1
    • 3.1.2make sure you get a response from "pfsense2"
    • 3.1.3type in the following command: ping 10.0.2.100
    • 3.1.4make sure you get a response from "server2"
  • 3.2and also from "server2"
    • 3.2.1open "Command Prompt" and type in the following command: ping 10.0.1.1
    • 3.2.2make sure you get a response from "pfsense1"
    • 3.2.3type in the following command: ping 10.0.1.100
    • 3.2.4make sure you get a response from "server1"

At this point we have checked that the connection between "server1" and "server2" has been  established. The two servers can now reach one another through the private IP addresses  10.0.1.100 and 10.0.2.100. All the network services (web, database, file sharing, etc.) offered by  "server1" will be available from "server2" and vice versa. To this private network you can add other servers ("server3", "server4", etc.) simply by changing the steps above as follows:
  • if the server is found in data center 1, by replacing the IP address 10.0.1.100 with the following IP addresses (10.0.1.101, .102, .103, ...)
  • if the server is found in data center 2, by replacing the IP address 10.0.2.100 with the following IP addresses (10.0.2.101, .102, .103, ...)