Link to home
Create AccountLog in
Avatar of whbaxter
whbaxter

asked on

Windows Domain access from DMZ

Have a web server in a DMZ. We can access web pages on the web server from the internal net and the web server can see a database server on the internal side. The web server can ping the DC, but windows authentication does not work. I need to be able to browse files on the web server in the DMZ.

access-list inside_nat0_outbound extended permit ip 10.4.0.0 255.255.240.0 172.31.4.0 255.255.255.0

access-list DMZ_outbound extended permit ip host 172.31.4.127 host 10.4.0.12 (IP of DC)

Is there something else i need to add so that the web server in the DMZ can authenticat to the DC?

Thanks, Bill
ASKER CERTIFIED SOLUTION
Avatar of debuggerau
debuggerau
Flag of Australia image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
there is a whole load of ports here that you might need to open
http://support.microsoft.com/?id=179442
Avatar of whbaxter
whbaxter

ASKER

I joined the the server to the domain prior to moving it into the DMZ.

I will look at the ports and give that a try.

Thanks
I have removed the DMZ web server from the Domain and created a local user account on this server. this will serve my needs for now.

thanks for the responses.

this question can be closed.