DMZ to LAN AD and .NET apps

Unanswered Question
Jul 27th, 2007
User Badges:

Is there anything special that needs to be done to have Active Directory and .NET applications talk across the DMZ/LAN segments on an ASA5520? I have static (inside,dmz) 192.168.0.0 192.168.0.0 netmask 255.255.254.0 and access-list inside_to_dmz permit ip 192.168.0.0 255.255.254.0 any applied.


I can communicate both ways through Terminal services from a server on the DMZ to a server on the LAN and vise Versa. I dont have a full AD setup as this is a test setup and not installed yet, but the customer had this question.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
acomiskey Fri, 07/27/2007 - 08:13
User Badges:
  • Green, 3000 points or more

I guess you also have a dmz_to_inside acl?

tahequivoice Fri, 07/27/2007 - 09:07
User Badges:

Yes, it is actually on the other ASA. There is an ASA behind the first ASA, one does IPS, the other CSC, the CSC ASA does not do NAT.

Actions

This Discussion