_valkyrie_

One Way Forest Trust To Web Server

I've been tasked with bringing our company onto a single sign-on platform. In doing this, though, I've come across some security issues with our web server.

I have a web server running SharePoint and an FTP service. I need to authenticate users against our internal domain (corporate.ourdomain.com) on our external domain (ourdomain.com).

We have a Cisco router on site at our colocation which connects the public IP of our web server to two domain controllers internally over IPSec VPN. The external domain trusts our internal domain but not the reverse, as was suggested elsewhere online, rather than having a DC on our public segment.

This works for us right now, but I have two concerns. Is this the best method, and what ports do I need to limit the VPN to in order to best protect our two internal servers?

Both servers run MS Server Standard 2008 R2.
ASKER CERTIFIED SOLUTION
Adam Brown