not only will you need ports 137 138 and 139 opened between your internal network and the DMZ, but you must permit broadcasts with a helper address for each hop in between your server and the client request. Hope this helps!
It is a little risky to open up your Netbios ports into the DMZ, it is not recommended that you allow any one from the dmz to logon in to your domain, so they can have access to domain user list and share resorces.
I strongly agree with Hector. By opening the ports to allow NETbios traffic to flow freely, you might as well place the DMZ servers in your internal network. These ports make your internal network vulnerable for a number of attacks as soon as a DMZ server becomes compromised. You might want to reconsider your decision in favor of security.
What does your config look like? What version of code is on your PIX? You may just need to have the fixup protocols and correct ACL statements or conduits open between your DMZ interface and your inside interface. If you do a search on TAC's web site there are great examples on how you can make this work without exposing yourself to too much risk...
I would put the Exchange server on your inside network and put a SMTP relay on your DMZ and only allow port 25 in and out and set up a atatic to allow this. All mail forwarding should take place on the DMZ. not only does this provide alittle bit more security you can also to some degree control SPAM. Post.Office is a good SMTP freeware program you can look them up on the web. Hope this helps
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...