ASA: How to allow active directory to traverse outside and inside?
I am attempting to get AD to cooperate from a parent domain on the outside of the ASA to a child domain on the inside of the ASA.
So far, when I first set up the child domain all is well (assuming because the inside server is initiating the chatter), but after a little while (not sure of the time frame) AD stops syncing and I get errors on the servers about such.
Re: ASA: How to allow active directory to traverse outside and i
This is just off the top of my head, but you'll need LDAP, DNS, and Kerberos opened up. If you want file browsing, you'll have to open RPC all ports >1024 and 137-139, & 445. You have a couple of other options though. You can use an IPSec tunnel between the two servers and/or RPC over HTTPS.
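The port list from the reply above, written as an ASA access list scoped to the two domain controllers only. This is an added example, not configuration from the thread. It assumes ASA 8.3 or later object syntax and no NAT between the servers; the addresses, object names and ACL name are placeholders, and TCP 135 (the RPC endpoint mapper) is added because the dynamic RPC ports are negotiated through it.

```cisco
! Added example. Placeholder addresses (assumptions):
!   192.0.2.10     parent-domain DC on the outside
!   198.51.100.10  child-domain DC on the inside (real address, no NAT assumed)
object network PARENT-DC
 host 192.0.2.10
object network CHILD-DC
 host 198.51.100.10
!
object-group service AD-TCP tcp
 description DNS, Kerberos, RPC mapper, NetBIOS session, LDAP, SMB, dynamic RPC
 port-object eq 53
 port-object eq 88
 port-object eq 135
 port-object eq 139
 port-object eq 389
 port-object eq 445
 port-object range 1025 65535
!
object-group service AD-UDP udp
 description DNS, Kerberos, NetBIOS name and datagram, LDAP
 port-object eq 53
 port-object eq 88
 port-object range 137 138
 port-object eq 389
!
! Permit only DC-to-DC traffic that the outside server initiates;
! log everything else so dropped replication attempts show up in syslog.
access-list OUTSIDE-IN extended permit tcp object PARENT-DC object CHILD-DC object-group AD-TCP
access-list OUTSIDE-IN extended permit udp object PARENT-DC object CHILD-DC object-group AD-UDP
access-list OUTSIDE-IN extended deny ip any any log
!
! An interface holds one inbound ACL: merge these lines into the existing
! ACL if one is already applied to the outside interface.
access-group OUTSIDE-IN in interface outside
```

After a replication cycle, `show access-list OUTSIDE-IN` lists a hit count per entry, which shows whether the outside server's connections match the permit lines or fall through to the logged deny.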
We have configured the outside and inside interfaces with official IPv6 addresses, set a default route on the outside interface to our router, and we have also defined a rule, which also gets hits, to permit TCP from the inside interface to any6.
In Syslog I also se...