Domain controller behind firewall
Posted on 2004-10-14
Ok...please forgive me, but I'm not a network person...I'm a microsoft person, hehe. I manage systems and let the network people manage the network. But I have question:
I have a domain controller (windows 2003) that is behind a cisco firewall. I have a couple clients that are on a different subnet (they have static IPs) which need to access the DC to authenticate and use shared resources. What ports do I need to tell our network people to open to allow for this? Does this pose any kind of huge security risK?...yes, i know poking holes in a firewall is a security risk, but I really need these computers on our AD infastructure. The clients are ultimately behind another firewall (we are all a part of a university network, but my specific network is blocked off from the rest of the university for extra security). Currently, we only have the one server (its a small network), but I may be implementing a SUS server that would be behind the firewall as well that these clients would need to access.