Re: File sharing between an AD Domain controller and a member server through a firewall
From: Clementius (anonymous_at_discussions.microsoft.com)
Date: 06/22/04
- Previous message: Mike Danseglio [MSFT]: "Re: Upcoming security chat: Windows Passwords: Everything You Need to Know"
- In reply to: Steven Umbach: "Re: File sharing between an AD Domain controller and a member server through a firewall"
Date: Mon, 21 Jun 2004 17:55:56 -0500
Thanks a lot Steve. It helped a good deal. C
"Steven Umbach" <n9rou@n0spam-comcast.net> wrote in message
news:%1Sxc.10567$0y.4335@attbi_s03...
> See if the following KB article helps and pay particular attention to how
> dynamic rpc works and how to configure a server and firewall for it. You may
> also want to check your firewall logs for dropped traffic from the computer in
> the dmz and I would not be surprised if it showed inbound traffic to ports in
> the range 1025-30 to the domain controller as the problem. Otherwise consider
> using ipsec policy with a rule that allows ipsec protected traffic between the
> two computers and through the firewall. -- Steve
>
> http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B179442
> http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B233256
>
> "Clementius" <anonymous@discussions.microsoft.com> wrote in message
> news:%23ecQTDpTEHA.2324@TK2MSFTNGP10.phx.gbl...
> > Hi,
> > I am configuring an access-list for traffic from a dmz server to an internal
> > server. The dmz server is a 2003 domain member server. The internal server
> > is a 2003 AD controller and file server. The plan is to allow file access
> > from the dmz server to the internal server. Eventually, the dmz server will
> > be a front-end to the internal server from the Internet through SSH or
> > Terminal Server sessions. So far I opened the following ports to the
> > internal server (from the dmz) on the firewall:
> > TCP domain
> > UDP domain
> > tcp 88
> > udp 88
> > tcp 135
> > udp 389
> > tcp 389
> > tcp 445
> > udp netbios-ns
> > udp netbios-dgm
> > tcp netbios-ssn
> >
> > I am able to perform nslookup from the dmz server using the internal server
> > for DNS and NAT seems to work fine. But when I try to map a drive from the
> > dmz server to a share on the internal server I get: "The drive could not be
> > mapped because no network was found".
> > Am I missing something? Thanks for your help. C
> >
> >
>
>
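The firewall-log check suggested in the quoted reply, as an added example that is not part of the original thread: it compares denied flows from the DMZ server to the domain controller against the ACL listed in the original post and flags those that fall in the dynamic RPC range. The log line format, both IP addresses and the function name dropped_to_dc are constructed for illustration, and "1025-30" is read as 1025-1030.

```python
import re
from collections import Counter

# ACL from the original post; service names mapped to their port numbers
# (domain=53, netbios-ns=137, netbios-dgm=138, netbios-ssn=139).
ALLOWED = {("tcp", 53), ("udp", 53), ("tcp", 88), ("udp", 88), ("tcp", 135),
           ("udp", 389), ("tcp", 389), ("tcp", 445),
           ("udp", 137), ("udp", 138), ("tcp", 139)}
RPC_DYNAMIC = range(1025, 1031)  # "1025-30" in the reply, read as 1025-1030 (assumption)
DMZ_HOST, DC_HOST = "192.0.2.10", "10.0.0.5"  # constructed addresses

# Constructed log format (not any particular firewall's):
#   <timestamp> <DENY|PERMIT> <proto> <src>:<sport> -> <dst>:<dport>
LINE = re.compile(r"(?P<action>DENY|PERMIT) (?P<proto>tcp|udp) "
                  r"(?P<src>[\d.]+):\d+ -> (?P<dst>[\d.]+):(?P<dport>\d+)")

SAMPLE_LOG = """\
2004-06-21T17:40:01 PERMIT tcp 192.0.2.10:3410 -> 10.0.0.5:135
2004-06-21T17:40:02 DENY tcp 192.0.2.10:3412 -> 10.0.0.5:1026
2004-06-21T17:40:05 DENY tcp 192.0.2.10:3412 -> 10.0.0.5:1026
2004-06-21T17:40:09 DENY tcp 192.0.2.10:3415 -> 10.0.0.5:1029
2004-06-21T17:41:00 DENY udp 192.0.2.10:123 -> 10.0.0.5:123
2004-06-21T17:41:30 DENY tcp 198.51.100.7:4000 -> 10.0.0.5:445
"""

def dropped_to_dc(log_text, src=DMZ_HOST, dst=DC_HOST):
    """Return (proto, port, count, reason) for each denied flow from src to dst."""
    hits = Counter()
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m or m["action"] != "DENY":
            continue
        if m["src"] != src or m["dst"] != dst:
            continue  # only the DMZ server -> domain controller path matters here
        hits[(m["proto"], int(m["dport"]))] += 1
    report = []
    for (proto, port), count in sorted(hits.items()):
        if (proto, port) in ALLOWED:
            reason = "in ACL but still dropped: check rule order or direction"
        elif proto == "tcp" and port in RPC_DYNAMIC:
            reason = "dynamic RPC range"
        else:
            reason = "not in ACL"
        report.append((proto, port, count, reason))
    return report

if __name__ == "__main__":
    for row in dropped_to_dc(SAMPLE_LOG):
        print(*row, sep="\t")
```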