Build WindowServer 2008 R2 Domain Trust with Win Server 2003 Domain configure TMG to allow trust.

Posted on 2011-04-27
Last Modified: 2012-06-09
I have two domains and we are looking to build a trust beween two domains.  One is a windows 2008 R2 functional domain the other is a window 2003 funtional domain.  I can ping the IP addresses on the 2003 side from the 2008 side but can not ping from the 2003 to the 2008 domain.  The 2008 domain is running TMG. What is the appropriate config in TMG to allow the trust to happen?


Question by:jdc0
    LVL 23

    Expert Comment

    by:Suliman Abu Kharroub
    >>The 2008 domain is running TMG.

    please give more details: do you want  to configure trust over the internet ? each domain in deferent site ? had you configured dns for trust ? a simple digram about current topology would be very helpful...

    Author Comment

    No I created a VPN tunnel from one data center to another.  I have the tunnel working.  The issue is that the windows 2008 R2 domain which runs TMG that is joined to the domain can ping the 2003 domain through the VPN site to site tunnel, the 2003 domain can not ping the 2008 domain attempting to get through TMG.
    LVL 23

    Expert Comment

    by:Suliman Abu Kharroub
    So, TMG is acting as VPN server ? please correct me if doe't use TMG to configure the VPN tunnel....

    do you have an access rule to allow vpn clients ( vpn network) to internal?

    Accepted Solution

    I resolved this issue
    LVL 23

    Expert Comment

    by:Suliman Abu Kharroub
    Glad to here that....

    Would you post the solution please... was any of the above help...

    Author Closing Comment

    I did the research and came up with the solution that finally resolved the problem

    Featured Post

    How to improve team productivity

    Quip adds documents, spreadsheets, and tasklists to your Slack experience
    - Elevate ideas to Quip docs
    - Share Quip docs in Slack
    - Get notified of changes to your docs
    - Available on iOS/Android/Desktop/Web
    - Online/Offline

    Join & Write a Comment

    Suggested Solutions

    In all versions of ISA Server and the current version of FTMG, the default https protocol uses TCP port 443 and 563 only. This cannot be changed within the ISA or FTMG GUI and must be completed from a Windows cmd prompt on the ISA Server itself. …
    In Africa (and potentially where you live…), reliability of ISPs is questionable.  With the increased reliance on e-mail as one of the primary forms of communication, the costs to business are significant based on interuption of ISP Connectivity.  T…
    This video is in connection to the article "The case of a missing mobile phone (". It will help one to understand clearly the steps to track a lost android phone.
    Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

    729 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now