
DCPROMO and AD Replication not working across subnets


waqqas31
11-07-2009, 04:09 PM
Hello Everyone,

I have a relatively simple setup.

I have 2 subnets, 192.168.0.0 and 192.168.10.0.

I have 3 domain controllers on the 0 subnet, and I want to add a 4th domain controller, but on the 10 subnet.

I have configured an ISA 2006 server on a member server to route traffic between subnets as well as provide internet access to both subnets. Communication via IP addresses works flawlessly across the two subnets.

Now, I am able to successfully run DCPROMO when the new DC resides on the same subnet as the existing DCs (namely '0') but it always fails when the new DC-to-be is on the other subnet (namely '10'). The error I always get is "RPC Unavailable" or "remote procedure call failed."

Now, in ISA, I tried troubleshooting by making the very first rule allow any and all protocols in the internal network (made up of the '0' and '10' subnets).

I even configured RPC to not be "strict" in this rule.

Can anyone give me any tips on what might be going wrong?

I am trying to find a utility to check if all the ports I need are indeed open or not, so any suggestions there would be appreciated, too.

All my DCs are running Windows Server 2008 R2 Enterprise, btw (and there's no telnet command, either. Boo hoo.)

Thanks in advance!

Waqqas

waqqas31
11-12-2009, 10:41 PM
Well, I found the solution:

1. Make sure all cross-subnet clients have their firewalls disabled.
2. Disable strict RPC compliance on the rule(s) that govern traffic between the subnets.
3. Configure Flood Mitigation to increase the threshold of the involved servers or PCs (by adding the concerned devices/machines to the "Custom" list).

Cheers to JJ from the UK who helped me solve this one.

Lisa
11-13-2009, 11:21 AM
Thanks for posting the result.
;)

waqqas31
11-13-2009, 11:41 AM
You're welcome, Lisa.

One thing I forgot to mention:

Download Port Query UI from Microsoft to scan ports. Very very handy utility!
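
A scripted version of the port check discussed in this thread, as an added example that is not part of any poster's message: it probes the well-known AD DS TCP ports on an existing DC and separates a refused connection (host reachable, nothing listening) from a timeout (traffic most likely dropped by a firewall or by ISA in between). The function name `Test-DcPort`, the port list and the timeout are choices made for this example; it uses only .NET classes available to PowerShell 2.0 on Server 2008 R2.

```powershell
# Added example (not from the thread). Run from the DC-to-be on the remote subnet.
function Test-DcPort {
    param(
        [Parameter(Mandatory = $true)][string]$ComputerName,
        [int]$TimeoutMs = 3000
    )

    # Well-known TCP ports used by AD DS. RPC dynamic ports (49152-65535 by
    # default on Server 2008 and later) are assigned at runtime and not probed.
    $ports = @(
        @{ Port = 53;   Service = 'DNS' },
        @{ Port = 88;   Service = 'Kerberos' },
        @{ Port = 135;  Service = 'RPC endpoint mapper' },
        @{ Port = 389;  Service = 'LDAP' },
        @{ Port = 445;  Service = 'SMB' },
        @{ Port = 636;  Service = 'LDAPS' },
        @{ Port = 3268; Service = 'Global Catalog' }
    )

    foreach ($p in $ports) {
        $client = New-Object System.Net.Sockets.TcpClient
        $state  = 'FILTERED'   # default: no answer at all within the timeout
        try {
            $async = $client.BeginConnect($ComputerName, $p.Port, $null, $null)
            if ($async.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) {
                # The attempt finished; EndConnect throws if it failed.
                $client.EndConnect($async)
                $state = 'LISTENING'
            }
        } catch {
            $inner = $_.Exception.GetBaseException()
            if ($inner -is [System.Net.Sockets.SocketException] -and
                $inner.SocketErrorCode -eq 'ConnectionRefused') {
                $state = 'NOT LISTENING'   # host answered with a reset
            } else {
                $state = 'ERROR: ' + $inner.Message   # e.g. name resolution failure
            }
        } finally {
            $client.Close()
        }

        New-Object PSObject -Property @{
            ComputerName = $ComputerName; Port = $p.Port
            Service = $p.Service; State = $state
        } | Select-Object ComputerName, Port, Service, State
    }
}

# Usage (placeholder address): Test-DcPort -ComputerName <existing-DC-address>
```

A run where 135 reports LISTENING while DCPROMO still fails points at the RPC dynamic range or at RPC filtering on the path, which this TCP-only check does not cover.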