Share via

Test Lab Guide: Configure the Contoso Branch Office

  • Article

This Test Lab Guide (TLG) contains instructions for setting up a branch office test lab using three server computers, two computers acting as IPv4 routers, and one client computer. The resulting branch office test lab provides an environment for configuring and testing branch office deployment scenarios.

Important : The following instructions are for configuring a branch office test lab using the minimum number of computers. Individual computers are needed to separate the services provided on the network and to clearly show the desired functionality. This configuration is neither designed to reflect best practices nor does it reflect a desired or recommended configuration for a production network. The configuration, including IP addresses and all other configuration parameters, is designed only to work on a separate test lab network.

Attempting to adapt this test lab configuration to a pilot or production deployment can result in configuration or functionality issues.

Test lab overview

In this test lab, the Contoso branch office is deployed with:

  • One computer running Windows Server 2008 R2 Enterprise Edition named DC1 that is configured as an intranet domain controller, Domain Name System (DNS) server, Dynamic Host Configuration Protocol (DHCP) server, and an enterprise root certification authority (CA).
  • One intranet member server running Windows Server 2008 R2 Enterprise Edition named APP1 that is configured as a general application server.
  • One roaming member client computer running Windows 7 Enterprise or Ultimate Edition named CLIENT1.
  • Two intranet client computer running Windows 7 Enterprise or Ultimate Edition named RTR1 and RTR2 that are configured as a IPv4 routers.
  • One intranet member server running Windows Server 2008 R2 Enterprise Edition named BOAPP1 that is configured as a general application server in the branch office.  

This TLG only requires the Corpnet subnet from the Base Configuration test lab as its starting point. See the following figure for the branch office test lab configuration (click on it for a larger version).

Note that this branch office test lab configuration is emulating a private WAN link (the Wannet subnet) between a main office (the Corpnet subnet) and a branch office (the Branchnet subnet). This branch office test lab configuration does not create a site-to-site VPN connection between computers over the Internet subnet.

In this Test Lab Guide, you install a set of router computers to forward traffic between the Corpnet and Branchnet subnets via the Wannet subnet and then add an application server to the Branchnet subnet.

For a short overview of how to build out the Contoso branch office test lab, see the following:

View

Note  For a variation on this branch office configuration that replaces RTR1, RTR2, and the Wannet subnet with an Apposite Technologies Linktropy WAN emulator, see Test Lab Guide: Configure the Contoso Branch Office using an Apposite Technologies WAN Emulator.

For instructions on configuring this lab using Hyper-V in Windows Server 2012, see Hosting the Contoso branch office test lab with Windows Server 2012 Hyper-V.

Hardware and software requirements

The following are required components of this test lab:

  • The product disc or files for Windows Server 2008 R2 Enterprise. For an evaluation copy of Windows Server 2008 R2 Enterprise Edition in download and virtual hard disk (VHD) form, see Windows Server 2008 R2 Evaluation Free 180-Day Trial (http://go.microsoft.com/fwlink/?LinkID=102582).
  • The product disc or files for Windows 7 Enterprise or Ultimate.
  • Three computers that meet the minimum hardware requirements for Windows Server 2008 R2 Enterprise Edition.
  • Three computers that meet the minimum hardware requirements for Windows 7 Enterprise or Ultimate Edition.

Steps for Configuring the Branch Office Test Lab

There are six major steps to follow when setting up a branch office test lab.

  1. Set up the Base Configuration test lab.
  2. Set up RTR1 and the Wannet subnet.
  3. Set up RTR2 and the Branchnet subnet.
  4. Install and configure BOAPP1.
  5. Demonstrate connectivity from the branch office.
  6. Install and configure WAN link emulation (optional).

The following sections provide the details about how to perform these steps.

Step 1: Set up the Base Configuration test lab

The branch office test lab requires the Corpnet subnet of the Base Configuration test lab. If needed, create the Corpnet subnet of the base configuration test lab as described in the Test Lab Guide: Base Configuration.

Step 2: Set up RTR1 and the Wannet subnet

RTR1 acts as an IPv4 router between the Corpnet and Wannet subnets. RTR1 configuration consists of the following:

  • Install the operating system.
  • Configure Network Connections properties.
  • Configure IPv4 routing.

You will need an additional switch, either physical or virtual, for the Wannet subnet.

Note  RTR1 must have two network adapters installed.

Install the operating system

First, install Windows 7 on RTR1.

To install Windows 7 on RTR1

  1. Connect RTR1 to a network that has access to the Internet and start the installation of Windows 7.
  2. When you are prompted for a user name, type User1. When you are prompted for a computer name, type RTR1.
  3. When you are prompted for a password, type a strong password twice.
  4. When you are prompted for protection settings, click Use recommended settings.
  5. When you are prompted for your computer's current location, click Public.
  6. After installation run Windows Update and install all of the latest updates.
  7. Connect one network adapter of RTR1 to the switch for the Corpnet subnet and the other network adapter to the switch for the Wannet subnet.

Configure Network Connections properties

Next, configure the names of the adapters in the Network Connections folder for the subnets to which they are connected and their IPv4 addresses.

To configure Network Connections properties

  1. On RTR1, click Start, and then click Control Panel.
  2. Under Network and Internet, click View status and tasks, and then click Change adapter settings.
  3. In the Network Connections window, right-click the network connection that is connected to the Corpnet subnet, and then click Rename.
  4. Type Corpnet, and then press ENTER.
  5. Right-click Corpnet, and then click Properties.
  6. Click Internet Protocol Version 4 (TCP/IPv4), and then click Properties.
  7. Select Use the following IP address. In IP address, type 10.0.0.20. In Subnet mask, type 255.255.255.0, and then click OK twice.
  8. In the Network Connections window, right-click the network connection that is connected to the Wannet subnet, and then click Rename.
  9. Type Wannet, and then press ENTER.
  10. Right-click Corpnet, and then click Properties.
  11. Click Internet Protocol Version 4 (TCP/IPv4), and then click Properties.
  12. Select Use the following IP address. In IP address, type 192.168.1.1. In Subnet mask, type 255.255.255.0, and then click OK twice.
  13. Click Start, click All Programs, click Accessories, right-click Command Prompt, and then click Run as administrator.
  14. To check network communication between RTR1 and computers on the Corpnet subnet, in the Command Prompt window, type ping 10.0.0.1, and then press ENTER.
  15. Verify that there are four responses from 10.0.0.1. Leave the Command Prompt window open for the next procedure.

Configure IPv4 routing

Next, configure RTR1 to perform IPv4 forwarding and for the set of routes for all three subnets and the Corpnet subnet computers to use RTR1 as its default gateway.

To configure IPv4 routing

  1. On RTR1, in the Command Prompt window, type the following commands:

    netsh interface ipv4 set interface Corpnet forwarding=enabled

    netsh interface ipv4 set interface Wannet forwarding=enabled

    netsh interface ipv4 add route 10.2.0.0/24 interface=Wannet nexthop=192.168.1.2

    netsh advfirewall firewall set rule "File and Printer Sharing (Echo Request - ICMPv4-In)" new enable=yes

  2. Log on to DC1 with the CORP\User1 account.

  3. Click Start, click All Programs, click Accessories, right-click Command Prompt, and then click Run as administrator.

  4. In the Command Prompt window, type the netsh interface ipv4 set address 10.0.0.1 gateway=10.0.0.20 command.

  5. Close the Command Prompt window.

  6. Click Start, point to Administrative Tools, and then click DHCP.

  7. In the console tree, open dc1.corp.contoso.com/IPv4/Scope [10.0.0.0] Corpnet, right-click Scope Options, and then click Configure Options.

  8. In the Available Options list, select 003 Router.

  9. Type 10.0.0.20 in IP address, click Add, and then click OK.

  10. Log on to APP1 with the CORP\User1 account.

  11. Click Start, click All Programs, click Accessories, right-click Command Prompt, and then click Run as administrator.

  12. In the Command Prompt window, type the netsh interface ipv4 set address 10.0.0.3 gateway=10.0.0.20 command.

  13. Close the Command Prompt window.

If you have additional computers on the Corpnet subnet, perform the following steps on each of them to ensure that they will be able to send traffic to the branch office subnet:

  1. Log on to the computer with the CORP\User1 account.
  2. Click Start, click All Programs, click Accessories, right-clickCommand Prompt, and then click Run as administrator.
  3. In the Command Prompt window, type the ipconfig command. Note the IPv4 Address assigned to the network interface attached to the Corpnet subnet.
  4. In the Command Prompt window, type the netsh interface ipv4 set address <IPv4 address from step 3> gateway=10.0.0.20 command.
  5. Close the Command Prompt window.  

Step 3: Set up RTR2 and the Branchnet subnet

RTR2 acts as an IPv4 router between the Wannet and Branchnet subnets. RTR2 configuration consists of the following:

  • Install the operating system.
  • Configure Network Connections properties.
  • Configure IPv4 routing.

You will need an additional switch, either physical or virtual, for the Branchnet subnet.

Note  RTR2 must have two network adapters installed.

Install the operating system

First, install Windows 7 on RTR2.

To install Windows 7 on RTR2

  1. Connect RTR2 to a network that has access to the Internet and start the installation of Windows 7.
  2. When you are prompted for a user name, type User1. When you are prompted for a computer name, type RTR2.
  3. When you are prompted for a password, type a strong password twice.
  4. When you are prompted for protection settings, click Use recommended settings.
  5. When you are prompted for your computer's current location, click Public.
  6. After installation run Windows Update and install all of the latest updates.
  7. Connect one network adapter of RTR2 to the switch for the Wannet subnet and the other network adapter to the switch for the Branchnet subnet.

Configure Network Connections properties

Next, configure the names of the adapters in the Network Connections folder for the subnets to which they are connected and their IPv4 addresses.

To configure Network Connections properties

  1. On RTR2, click Start, and then click Control Panel.
  2. Under Network and Internet, click View status and tasks, and then click Change adapter settings.
  3. In the Network Connections window, right-click the network connection that is connected to the Wannet subnet, and then click Rename.
  4. Type Wannet, and then press ENTER.
  5. Right-click Wannet, and then click Properties.
  6. Click Internet Protocol Version 4 (TCP/IPv4), and then click Properties.
  7. Select Use the following IP address. In IP address, type 192.168.1.2. In Subnet mask, type 255.255.255.0, and then click OK twice.
  8. In the Network Connections window, right-click the network connection that is connected to the Branchnet subnet, and then click Rename.
  9. Type Branchnet, and then press ENTER.
  10. Right-click Branchnet, and then click Properties.
  11. Click Internet Protocol Version 4 (TCP/IPv4), and then click Properties.
  12. Select Use the following IP address. In IP address, type 10.2.0.20. In Subnet mask, type 255.255.255.0, and then click OK twice.
  13. Click Start, click All Programs, click Accessories, right-click Command Prompt, and then click Run as administrator.
  14. To check network communication between RTR2 and RTR1 on the Wannet subnet, in the Command Prompt window, type ping 192.168.1.1, and then press ENTER.
  15. Verify that there are four responses from 192.168.1.1. Leave the Command Prompt window open for the next procedure.

Note that the Branchnet subnet is using the IPv4 addressing guidelines described in Updates to the Demonstrate IPv6 TLG and addressing guidelines for the Contoso Corporation.

Configure IPv4 routing

Next, configure RTR2 to perform IPv4 forwarding and for the set of routes for all three subnets.

To configure RTR2 for IPv4 routing

  1. In the Command Prompt window, type the following commands:

    netsh interface ipv4 set interface Wannet forwarding=enabled

    netsh interface ipv4 set interface Branchnet forwarding=enabled

    netsh interface ipv4 add route 10.0.0.0/24 interface=Wannet nexthop=192.168.1.1

    netsh advfirewall firewall set rule "File and Printer Sharing (Echo Request - ICMPv4-In)" new enable=yes

  2. To check network communication between RTR2 and DC1 on the Corpnet subnet, in the Command Prompt window, type ping 10.0.0.1, and then press ENTER.

  3. Verify that there are four responses from 10.0.0.1.

Step 4: Install and configure BOAPP1

BOAPP1 provides DHCP, web, and file sharing services in the branch office. BOAPP1 configuration consists of the following:

  • Install the operating system.
  • Configure TCP/IP.
  • Join the computer to the domain.
  • Install the Web Server (IIS) role.
  • Configure the HTTPS security binding.
  • Create a shared folder.
  • Install and configure the DHCP Server service.

Install the operating system

First, install Windows Server 2008 R2 Enterprise Edition on BOAPP1.

To install the operating system

  1. Connect BOAPP1 to a network that has Internet access and start the installation of Windows Server 2008 R2 Enterprise Edition.
  2. Follow the instructions to complete the installation, specifying a strong password for the local Administrator account. Log on using the local Administrator account.
  3. Run Windows Update to install the latest updates for Windows Server 2008 R2.
  4. Connect BOAPP1 to the switch for the Branchnet subnet.

Configure TCP/IP properties

Next, configure TCP/IP.

To configure TCP/IP properties

  1. In Initial Configuration Tasks, click Configure networking.
  2. In the Network Connections window, right-click Local Area Connection, and then click Properties.
  3. Click Internet Protocol Version 4 (TCP/IPv4), and then click Properties.
  4. Select Use the following IP address. In IP address, type 10.2.0.3. In Subnet mask, type 255.255.255.0. In Default gateway, type 10.2.0.20.
  5. Select Use the following DNS server addresses. In Preferred DNS server, type 10.0.0.1.
  6. Click Advanced, and then click the DNS tab. In DNS suffix for this connection, type corp.contoso.com, click OK twice, and then click Close.
  7. Close the Network Connections window and leave the Initial Configuration Tasks window open.
  8. To check name resolution and network communication between BOAPP1 and DC1, click Start, click All Programs, click Accessories, and then click Command Prompt.
  9. In the Command Prompt window, type ping 10.0.0.1.
  10. Verify that there are four replies from 10.0.0.1.
  11. In the Command Prompt window, type ping dc1.corp.contoso.com.
  12. Verify that there are four replies from 10.0.0.1.
  13. Close the Command Prompt window.   

Join BOAPP1 to the CORP domain

Next, join BOAPP1 to the corp.contoso.com domain.

To join BOAPP1 to the CORP domain

  1. In Initial Configuration Tasks, click Provide Computer Name and Domain.
  2. In the System Properties dialog box, on the Computer Name tab, click Change.
  3. In Computer Name, type BOAPP1. In Member of, click Domain, and then type corp.contoso.com.
  4. Click OK.
  5. When you are prompted for a user name and password, type User1 and its password, and then click OK.
  6. When you see a dialog box welcoming you to the corp.contoso.com domain, click OK.
  7. When you are prompted that you must restart the computer, click OK.
  8. On the System Properties dialog box, click Close.
  9. When you are prompted to restart the computer, click Restart Now.
  10. After the computer restarts, click Switch User, and then click Other User and log on to the CORP domain with the User1 account.
  11. In Initial Configuration Tasks, click Do not show this window at logon, and then click Close.        

Install the Web Server (IIS) role

Next, install the Web Server (IIS) role to make BOAPP1 a web server.

To install the Web Server (IIS) role

  1. In the console tree of Server Manager, click Roles. In the details pane, click Add Roles, and then click Next.
  2. On the Select Server Roles page, select Web Server (IIS), and then click Next three times.
  3. Click Install.
  4. Verify that the installation was successful, and then click Close.

Configure the HTTPS security binding

Next, configure the HTTPS security binding so that BOAPP1 can host HTTPS-based URLs.

To configure the HTTPS security binding

  1. Click Start, point to Administrative Tools, and then click Internet Information Services (IIS) Manager.
  2. Click Default Web site.
  3. In the Actions pane, click Bindings.
  4. In the Site Bindings dialog box, click Add.
  5. In the Add Site Binding dialog box, in the Type list, click https. In SSL Certificate, click the certificate with the name BOAPP1.corp.contoso.com. Click OK, and then click Close.
  6. Close the Internet Information Services (IIS) Manager console.

Create a shared folder

Next, create a shared folder and a text file within the folder on BOAPP1.

To create a shared folder

  1. On BOAPP1, click Start, and then click Computer.
  2. Double-click Local Disk (C:).
  3. Click New Folder, type Files, and then press ENTER. Leave the Local Disk window open.
  4. Click Start, click All Programs, click Accessories, right-click Notepad, and then click Run as administrator.
  5. In the Untitled – Notepad window, type This is a shared file.
  6. Click File, click Save, double-click Computer, double-click Local Disk (C:), and then double-click the Files folder.
  7. In File name, type example.txt, and then click Save. Close the Notepad window.
  8. In the Local Disk window, right-click the Files folder, point to Share with, and then click Specific people.
  9. Click Share, and then click Done.
  10. Close the Local Disk window.

Install and configure the DHCP Server service

Next, install the DHCP Server service on BOAPP1 and configure it for the Branchnet subnet.

To install and configure the DHCP server role

  1. In the console tree of Server Manager, click Roles.
  2. In the details pane, under Roles Summary, click Add roles, and then click Next.
  3. On the Select Server Roles page, click DHCP Server, and then click Next twice.
  4. On the Select Network Connection Bindings page, verify that 10.2.0.3 is selected, and then click Next.
  5. On the Specify IPv4 DNS Server Settings page, verify that corp.contoso.com is listed under Parent domain.
  6. Type 10.0.0.1 under Preferred DNS server IP address, and then click Validate. Verify that the result returned is Valid, and then click Next.
  7. On the Specify WINS Server Settings page, accept the default setting of WINS is not required on this network, and then click Next.
  8. On the Add or Edit DHCP Scopes page, click Add.
  9. In the Add Scope dialog box, type Branchnet next to Scope Name. For Starting IP Address, type 10.2.0.100. For Ending IP Address, type 10.2.0.150. For Subnet Mask, type 255.255.255.0. For Default gateway (optional), type 10.2.0.20. Click OK, and then click Next.
  10. On the Configure DHCPv6 Stateless Mode page, select Disable DHCPv6 stateless mode for this server, and then click Next.
  11. On the Authorize DHCP Server page, select Use current credentials. Verify that CORP\User1 is displayed next to User Name, and then click Next.
  12. On the Confirm Installation Selections page, click Install.
  13. Verify the installation was successful, and then click Close.

Step 5: Demonstrate connectivity from the branch office

Verify that intranet web and file share resources on BOAPP1 can be accessed by CLIENT1.

To test access to intranet resources

  1. Connect the CLIENT1 computer to the Branchnet subnet.
  2. Log on with the CORP\User1 account.
  3. Click Start, click All Programs, click Accessories, and then click Command Prompt.
  4. At the command prompt, type ipconfig, and then press ENTER. You should see an IPv4 address of 10.2.0.100 assigned to the Local Area Network connection.
  5. At the command prompt, type nltest /dsgetdc: /force, and then press ENTER. You should see "DC: \DC1.corp.contoso.com" and "Address: 10.0.0.1".
  6. Close the Command Prompt window.
  7. From the taskbar, click the Internet Explorer icon.
  8. In the Address bar, type http://boapp1.corp.contoso.com/, and then press ENTER.  You should see the default IIS 7 web page for BOAPP1.
  9. In the Address bar, type https://boapp1.corp.contoso.com/, and then press ENTER.  You should see the default IIS 7 web page for BOAPP1.
  10. Close the Internet Explorer window open.
  11. Click Start, type \boapp1\Files, and then press ENTER.
  12. You should see a folder window with the contents of the Files shared folder.
  13. In the Files shared folder window, double-click the Example.txt file. You should see the contents of the Example.txt file.
  14. Close the example.txt - Notepad and the Files shared folder windows.

For scenarios that rely on reduced bandwidth across a WAN link, you can install and configure WAN link emulation on RTR1 and RTR2 to simulate a low bandwidth connection between the Corpnet and Branchnet subnets.

Windows Server 2008 R2 and Windows 7 does not include WAN simulation capabilities for Ethernet network adapters. You can use the Network Emulation in Visual Studio 2010 (see Introducing True Network Emulation in Visual Studio 2010 and How to: Configure Network Emulation Using Test Settings in Visual Studio). Alternately, you can use a third-party network emulation or LAN simulation product.

Snapshot the Configuration

This completes the branch office test lab. The result is a test lab environment that contains two subnets of the Contoso intranet separated by a simulated WAN link. You can now begin building out and experimenting with branch office scenarios and solutions.

To save this configuration so that you can quickly return to a working branch office configuration, do the following:

  1. On all physical computers or virtual machines in the test lab, close all windows and then perform a graceful shutdown.
  2. If your lab is based on virtual machines, save a snapshot of each virtual machine and name the snapshots BranchOffice. If your lab uses physical computers, create disk images to save the branch office test lab configuration.

Additional Resources

For additional test lab guide resources, see Test Lab Guides.