?
Solved

Windows Domain access from DMZ

Posted on 2008-06-11
7
Medium Priority
?
722 Views
Last Modified: 2008-07-03
Have a web server in a DMZ. We can access web pages on the web server from the internal net and the web server can see a database server on the internal side. The web server can ping the DC, but windows authentication does not work. I need to be able to browse files on the web server in the DMZ.

access-list inside_nat0_outbound extended permit ip 10.4.0.0 255.255.240.0 172.31.4.0 255.255.255.0

access-list DMZ_outbound extended permit ip host 172.31.4.127 host 10.4.0.12 (IP of DC)

Is there something else i need to add so that the web server in the DMZ can authenticat to the DC?

Thanks, Bill
0
Comment
Question by:whbaxter
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
7 Comments
 
LVL 23

Accepted Solution

by:
debuggerau earned 2000 total points
ID: 21765637
Have you tried joining the domain?
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 21765820
there is a whole load of ports here that you might need to open
http://support.microsoft.com/?id=179442
0
 

Author Comment

by:whbaxter
ID: 21768673
I joined the the server to the domain prior to moving it into the DMZ.

I will look at the ports and give that a try.

Thanks
0
 

Author Comment

by:whbaxter
ID: 21771622
I have removed the DMZ web server from the Domain and created a local user account on this server. this will serve my needs for now.

thanks for the responses.

this question can be closed.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question