ASA config for DNS and Domain contoller registration accross the link

vd123_cisco · ‎03-21-2012

Hi Guys,

I was wondering if someone can help me with the following scenario. Please see the network topology attached along

We have two webservers in DMZ and they need to login on the domain accross the head office link. DNS and Domain controller are located in Head office (see the network topoogy attached).

We have already allowed one of the inside subnets 172.19.45.0 on our firewall(firewall 1) to login to the domain accross that link and servers on that subnets are are able to login.

Firewall in head office has allowed only one subnet 172.19.45.0 to access the DNS and Domain controller and we are wondering if we NAT the webservers to 172.19.45.147 and 172.19.45.143 would it work?

Would they able to login to the domain?

Also there are some internal websites hosted on those webservers and they will access internally by staff in head office and ourselves internally.

Would those work after the NAT.

Thanks

Jay

vd123_cisco · ‎03-21-2012

Can somebody also explain what is DNS doctoring?

Do i need to enable DNS doctoring feature for this to work?

vd123_cisco · ‎03-22-2012

Hi all,

Can someone please reply to my query.

pbuch · ‎03-22-2012

You need to configure VPN between the two sites.