COMPUTING > Cloud Servers > Design a data center > Configuration of Windows server

16.2.1 Configuration of Windows server Cloud Server Pro service guide

In this second part, specific for those with Windows servers, we proceed with the configuration of the Cloud Servers in the two data centers so they can reach one another through the private  OpenVPN tunnel that has been established.
 
The pre-requirements for this guide are the same as the first part, and in particular you need to connect a network adapter of the Cloud Server through a Virtual Switch to the pfSense router/firewall.
 
To allow the "server1" to reach the "server2" first of all you need to connect the "server1" with the "pfsense1" through a private IP address (in the example we will use 10.0.1.100), assigned to the second network adapter. The "server1" and "server2", object of this guide, can continue to have their public IP address, through which to communicate directly to and from the Internet. The traffic addressed to the other server will travel through the private OpenVPN tunnel established between "pfsense1" and "pfsense2".
 
Yo avoid problems in case of error while following these instructions, persistent problems such as to block the Cloud Servers, in this guide we will configure the routing TEMPORARILY.
This means that the configurations will only last until the server (or the relevant network interfaces) is rebooted. In case of failures simply reboot "server1" and/or "server2" to restore the previous configuration. However, it is possible to simply make these changes permanent, as indicated below in this guide.

Here is a diagram of the network we are creating:
 
 
  1. 1 - Configure "server1"
    1. 1.1 connect to your Windows Cloud Server through Remote Desktop using the "Administrator" user
    2. 1.2 configure a private network in the Windows Cloud Server. During this step you need to note down the name of the network adapter you are configuring (this is usually "Lan 2")
    3. 1.3 allow all the traffic for the network interface connected to "pfsense1" via the "virtual switch 1"
    4. 1.4 open "Command Prompt"
    5. 1.5 type in the command: route add 10.0.2.0 mask 255.255.255.0 10.0.1.1
    6. 1.6 for Windows 2003
      • 1.6.1 check the name of the network adapter connected to "pfsense1" configured in step 1.2 (the name is usually "Lan 2")
      • 1.6.2 if the name of the network adapter is not "LAN 2" replace the name in the following command, otherwise type in the command: netsh firewall set opmode mode=disable interface="LAN 2"
    7. 1.7 for Windows 2008 and later versions
      • 1.7.1 type in the following command: netsh advfirewall firewall add rule name="Allow OpenVPN LAN" dir=in action=allow localip="10.0.1.0/24"
  2. 2 - Configure "server2"
    1. 2.1 connect to your Windows Cloud Server through Remote Desktop using the  "Administrator" user
    2. 2.2 configure a private network in the Windows Cloud Server. During this step you need to note down the name of the network adapter you are configuring (this is usually "Lan 2")
    3. 2.3 allow all the traffic for the network interface connected to "pfsense1" via the "virtual switch 1"
    4. 2.4 open "Command Prompt"
    5. 2.5 type in the following command: route add 10.0.1.0 mask 255.255.255.0 10.0.2.1
    6. 2.6 for Windows 2003
      • 2.6.1 check the name of the network adapter connected to "pfsense1" configured in step 2.2 (the name is usually "Lan 2")
      • 2.6.2 if the name of the network adapter is not "LAN 2" replace the name in the following command, otherwise type in the command: netsh firewall set opmode mode=disable interface="LAN 2"
    7. 2.7 for Windows 2008 and later versions
      • 2.7.1 type in the following command: netsh advfirewall firewall add rule name="Allow OpenVPN LAN" dir=in action=allow localip="10.0.2.0/24"
    8. After checking that the servers work correctly, if you wish to make the changes to the routing made in steps 1.5 and 2.5 permanent (therefore persistent after rebooting), it is possible to change the command by adding the parameter "-p". The commands in steps 1.5 and 2.5 will become the following: route –p add 10.0.2.0 mask 255.255.255.0 10.0.1.1 route –p add 10.0.1.0 mask 255.255.255.0 10.0.2.1
  3. 3 - Check connection
    1. 3.1 from "server1"
      1. 3.1.1 open "Command Prompt" and type in the following command: ping 10.0.2.1
      2. 3.1.2 make sure you get a response from "pfsense2"
      3. 3.1.3 type in the following command: ping 10.0.2.100
      4. 3.1.4 make sure you get a response from "server2"
    2. 3.2 and also from "server2"
      1. 3.2.1 open "Command Prompt" and type in the following command: ping 10.0.1.1
      2. 3.2.2 make sure you get a response from "pfsense1"
      3. 3.2.3 type in the following command: ping 10.0.1.100
      4. 3.2.4 make sure you get a response from "server1"
At this point we have checked that the connection between "server1" and "server2" has been established. The two servers can now reach one another through the private IP addresses 10.0.1.100 and 10.0.2.100. All the network services (web, database, file sharing, etc.) offered by "server1" will be available from "server2" and vice versa. To this private network you can add other servers ("server3", "server4", etc.) simply by changing the steps above as follows:
  • if the server is found in data center 1, by replacing the IP address 10.0.1.100 with the following IP addresses (10.0.1.101, .102, .103, ...)
  • if the server is found in data center 2, by replacing the IP address 10.0.2.100 with the following IP addresses (10.0.2.101, .102, .103, ...)