Windows Domain access from DMZ
Posted on 2008-06-11
Have a web server in a DMZ. We can access web pages on the web server from the internal net and the web server can see a database server on the internal side. The web server can ping the DC, but windows authentication does not work. I need to be able to browse files on the web server in the DMZ.
access-list inside_nat0_outbound extended permit ip 10.4.0.0 255.255.240.0 172.31.4.0 255.255.255.0
access-list DMZ_outbound extended permit ip host 172.31.4.127 host 10.4.0.12 (IP of DC)
Is there something else i need to add so that the web server in the DMZ can authenticat to the DC?