AD Sync with firewall in the middle

  • AD Sync with firewall in the middle

    Hi,

    I have 2 DCs (2003) and a Cisco Pix515.
    One is on the inside (file server + BackupExec 9.1) and the other (Exchange 2003 + BackupExec module for Exchange) is in the DMZ.
    At the moment I have opened IP between them, but it seems that is not enough!
    What exactly should I open, or what is the best way, in your opinion, to make them talk?

    Thanks

  • #2
    Is your DC in the DMZ pointing to the internal DNS?
    Does your PIX currently allow ANY traffic with ANY protocol between the DCs?
    Guy Teverovsky
    "Smith & Wesson - the original point and click interface"


    • #3
      AD Sync with firewall in the middle

      Yes, my DC in the DMZ is pointing to the internal DNS.
      Yes, the Pix allows ANY IP traffic between the DCs.

      My main problem is to make a backup of the Exchange and to open only the ports I need to make them talk, instead of opening IP between them.


      • #4
        Frankly speaking, it is a very BAD idea to put a DC in the DMZ.
        Any special reason for that configuration?
        If it's about OWA, you can keep the Exchange inside the LAN and use either ISA or Apache to do the reverse proxy.

        In any case, here is the article explaining the requirements for AD replication through FW:
        http://www.microsoft.com/technet/pro.../adrepfir.mspx
        Guy Teverovsky
        "Smith & Wesson - the original point and click interface"


        • #5
          Hi Guy,

          I'll take your advice!

          Thanks
          Ziv
