Forest Trust via IPSEC

Posted on 2007-11-20
Last Modified: 2012-05-05
Looking for information on how to create a trust between 2 seperate forest using ipsec. Firewalls seperate the forests and I do not want to open the convential ports to allow a trust.
Question by:58872
LVL 48

Expert Comment

ID: 20323852
you cant create a trust without opening up the trust required ports
LVL 19

Accepted Solution

SteveH_UK earned 500 total points
ID: 20342043
You can do this but only if you use a gateway-to-gateway vpn.

This can be completed using most enterprise firewalls, including ISA Server and GnatBox (GTA).

The traffic is encrypted between the gateways but acts normally from the servers' perspective.

Author Closing Comment

ID: 31410127

Expert Comment

ID: 33556654
what are the trust required ports ?

i want to open that trust required ports into this current setup : ipsec using juniper and cisco asa.. please let me know how to do it.. many thanks

Featured Post

MS Dynamics Made Instantly Simpler

Make Your Microsoft Dynamics Investment Count  & Drastically Decrease Training Time by Providing Intuitive Step-By-Step WalkThru Tutorials.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question