Re: Secure File Server & Active Directory with Cisco Access List

From: S. Pidgorny [MVP] (slavickp@yahoo.com)
Date: 09/02/02 

From: "S. Pidgorny [MVP]" <slavickp@yahoo.com>
Date: Mon, 2 Sep 2002 21:23:04 +1000

Look at the "Active directory replication across firewalls" whitepaper, by
Steve Riley, on MS Web site. A client requires not much less than a DC:
Kerberos, CIFS, name resolution... You can run a protocol analyser to find
out what exactly is required to narrow down the list

BUT

IPsec is better for the purpose - more robust

Regards 

--
Svyatoslav Pidgorny, MS MVP, MCSE
-= F1 is the key =-
"aLTeReGo" <a@a.com> wrote in message
news:jl05nuch57k159p7qip1613dqvmdhabg9d@4ax.com...
> Here is a very basic overview of my network..
>
> "Active Directory" "Windows 2k File Server"
> | |
>
>
|------------------Network-1------------------------------------------------
--------|
> |
> |
> |
> |
> |
> [Router W/ACLs]
> |
> |
> |
> |
> |
>
>
|------------------Network-2------------------------------------------------
--------|
> |
> "Windows 2k Client"
>
>
> I would like to know the ABSOLUTLE minimum port numbers I will have to
> open in my router access lists to allow the Windows 2k Client to login
> to the domain and access the file shares on the file server.
> Everything is Win2k and I don't want to open a single port that I
> don't have to. I am trying to acheive the highest level of network
> security I can at the router.
>
>
>
> -----------== Posted via Newsfeed.Com - Uncensored Usenet News
==----------
>    http://www.newsfeed.com       The #1 Newsgroup Service in the World!
> -----= Over 100,000 Newsgroups - Unlimited Fast Downloads - 19 Servers
=-----

Relevant Pages

  • Re: Urgent! New router and big disaster
    ... it's quite possible you misconnected the nics when you put the server ... just File and Printer Sharing and the Microsoft Client ... running the internet connection wizard, ... I wonder if I may have missed a firewall setting on the router as well. ...
    (microsoft.public.windows.server.sbs)
  • Re: DI 624 revC- severe wireless latency after consistent throughput
    ... What radio are you using for a client? ... know is that the wall between the router and the client is drywall. ... >it's probably not some firmware anomaly but some form of interference. ...
    (alt.internet.wireless)
  • Re: Urgent! New router and big disaster
    ... just File and Printer Sharing and the Microsoft Client ... running the internet connection wizard, ... If neother SBS server nor client workstation had ... I wonder if I may have missed a firewall setting on the router as well. ...
    (microsoft.public.windows.server.sbs)
  • Re: ALERT: WPA can be less secure than WEP
    ... If you've ever seen a 2wire 1000 series router, ... did change the settings on the client but only if it used Wireless ... Comparison of SES with AOSS. ... holding the WPA key and SSID are easy to find. ...
    (alt.internet.wireless)
  • Re: ICS on small home network no longer works for http traffic
    ... 1) If you're using MS ICS or Windows ... After installed a new router or cable modem replacing dial-up to access ... the Internet, you can't access some web sites. ... The client PC can ping to a outside IP, or a name and DNS> resolves the name ok. ...
    (microsoft.public.windowsxp.network_web)