Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Users might experience few discrepancies in Search results. We are working on this on our side. We apologize for the inconvenience it may have caused.
New Member

WinNT domain accross PIX firewall

Hi,

I am new to PIX. My query is --> I want to have a single Windows NT domain which should span both the internal network and the DMZ. What should be the config and what should be the placements of Domain Controllers, WINS servers etc on either side of the firewall.

4 REPLIES
New Member

Re: WinNT domain accross PIX firewall

well what u can do is have NT domain and wins servers i.e on the internal network. Now for ur DMZ machine to have the same domain u need to open few ports for those DMZ servers to ur NT domain controller. like UDP 137 , 138 and TCP 139 . As u know by default everything is close from lower security to higher. if u need help with commands and config....let me know i can help u with it.

New Member

Re: WinNT domain accross PIX firewall

Thanks Shabib.....Tell me one more thing.

Do I need to set up a WINS servers in the DMZ also ? It will also be helpful if you can provide me with some sample configs.

New Member

Re: WinNT domain accross PIX firewall

Hello, The domain controllers and Wins server should be behind the PIX box. The DMz also can remain behind. got to go!!

Re: WinNT domain accross PIX firewall

I have domain controllers and exchange server on my 'inside' ethernet. Generally, stuff that sits 'outside' NT servers with external connections, ie proxy server, fax server, routers etc ... You will need to add permitting conduits to your pix to allow the two sets of servers to talk. Good luck!

161
Views
0
Helpful
4
Replies
СоздатьДля создания публикации, пожалуйста в систему