Can't promote second server to DC

This is my scenario.

I have one Windows 2012 R2 as DC hosted by a ESX in datacenter A. This DC has two NICs:

internal: 192.168.40.1

external: 172.82.180.165

This DC has active directory and RRAS enabled.

The second Windows 2012 R2 is hosted in datacenter B. It has one NIC:

external: 172.82.133.19

Connecting to the DC through VPN, I was able to join the second 2012 Server to the domain. However, I can't promote it to DC. It says that a DC for that domain could not be contacted.

If I try to ping the DC from the second server, DNS can resolve the name properly.

What am I doing wrong or missing? Do I have to set up RRAS on the second server too? Does it have to have two NICs? Do I have to add static routes?

Any help would be much appreciated.

Best regards.

July 31st, 2015 12:55pm

Hi

The important point is that 2 NICs on a Domain Controller is not the right configuration. First you could disable the second NIC, then make sure these two servers are able to connect to each other. Also check that the DNS records for the DC have the correct IP address.

July 31st, 2015 1:18pm

Thanks for your answer. I thought the secondary NIC on the DC was necessary for the internal network. I also have clients connecting to this DC through VPN.

How should the two servers connect to each other? VPN? Or site-to-site via RRAS? In that case, do I have to set up RRAS on both servers?

July 31st, 2015 1:40pm

Hi

So these two DCs need to reach each other via the internal or external NIC (you need to create the correct DNS record for the DC), but 2 NICs on a Domain Controller is not supported and may cause problems. If you configure the VPN ports correctly, the second DC is connected to the first DC by VPN, and you just use 1 NIC. So you need to configure the necessary ports on the VPN and firewall side.

You can also find all the ports in this article:

https://technet.microsoft.com/en-us/library/dd772723(v=ws.10).aspx?f=255&mspperror=-2147217396

July 31st, 2015 2:01pm

Burak is right that you should avoid configuring multiple NICs on a DC. It's not a good practice and could be causing some problems, for example:
 
https://support.microsoft.com/en-us/kb/272294
https://support.microsoft.com/en-us/kb/832478
 
AD registers certain records in DNS in the form of SRV records; if you have multiple NICs, they will all get registered. Since the DNS server responds to queries in a round-robin fashion, a client or another DC that makes the query will probably get the wrong record.
 
So just follow Burak's suggestion above (disable one NIC) and see if it solves the problem. Or you might want to try this - Steps to avoid registering unwanted NIC(s) in DNS on a Multihomed Domain Controller:
 
https://support.microsoft.com/en-us/kb/2023004
 
Hope this helps.
 

Regards,

Eth

August 3rd, 2015 12:54am
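The SRV/round-robin problem Eth describes can be checked from the server being promoted. The following PowerShell script is an added example and not from the thread; it assumes the machine is already domain-joined (so $env:USERDNSDOMAIN holds the AD domain name) and uses the Resolve-DnsName and Test-NetConnection cmdlets available on Windows Server 2012 R2. It lists every DC registered in the domain's SRV records, flags DCs that resolve to more than one address (a sign of multihomed registration), and tests the core AD ports against each registered address.

```powershell
# Added example (not from the thread). Assumes a domain-joined machine, so
# $env:USERDNSDOMAIN is the AD DNS domain; override with -Domain if needed.
param(
    [string]$Domain = $env:USERDNSDOMAIN
)

# Core ports a writable DC must expose to a server being promoted
# (a subset of the TechNet port list linked above).
$AdPorts = [ordered]@{
    'RPC mapper' = 135; 'Kerberos' = 88; 'LDAP' = 389
    'LDAP SSL'   = 636; 'SMB'      = 445; 'Global Cat' = 3268
}

# 1. Locate DCs via the SRV records that AD registers for the domain.
$srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Domain" -Type SRV -ErrorAction Stop |
       Where-Object { $_.Type -eq 'SRV' }

foreach ($rec in $srv) {
    $dc = $rec.NameTarget

    # 2. Resolve the DC's A records. More than one address means an extra
    #    NIC is being registered; round-robin may hand out the unreachable one.
    $ips = @((Resolve-DnsName -Name $dc -Type A -ErrorAction SilentlyContinue |
              Where-Object { $_.Type -eq 'A' }).IPAddress)
    Write-Host "DC $dc resolves to: $($ips -join ', ')"
    if ($ips.Count -gt 1) {
        Write-Warning "$dc has $($ips.Count) A records; check multihomed NIC registration (KB 2023004)."
    }

    # 3. Test the AD ports against every registered address so an
    #    internal-only address that cannot be reached shows up explicitly.
    foreach ($ip in $ips) {
        foreach ($name in $AdPorts.Keys) {
            $port = $AdPorts[$name]
            $r = Test-NetConnection -ComputerName $ip -Port $port -WarningAction SilentlyContinue
            $state = if ($r.TcpTestSucceeded) { 'open' } else { 'BLOCKED' }
            Write-Host ("  {0,-10} {1,-12} {2,5}/tcp -> {3}" -f $ip, $name, $port, $state)
        }
    }
}
```

If a DC shows two addresses and the ports are BLOCKED on one of them, that address is the one dcpromo may be handed by round-robin DNS; the KB 2023004 steps above stop it from being registered.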

Greetings,

As you are facing issues in promoting the domain controller, please share the file dcpromo.log and the files named dcpromoui.log in SkyDrive to troubleshoot further. Please also check whether all the ports related to AD are already open, as the servers are in different datacenters. Please find below the link which would help.

https://technet.microsoft.com/en-us/library/dd772723%28v=ws.10%29.aspx

August 3rd, 2015 1:18am
