Lew Nix
asked on
Multiple Active Directory Domains using firewall - SBS environment
I have inherited a network that is using SBS 2011 as the domain controller. We have several member servers on this domain. I have a new application coming in that will require 2 new servers that have to be domain joined (not workgroup servers). However, the intent is to make these servers as independent as possible, as this part of our company might break off into its own independent company in the near future. I have a WatchGuard XTM515 firewall. My plan is to connect these 2 new servers on a new IP subnet to a port on this firewall. I will block all communication from all of my domain servers (on my primary domain) to this new port/subnet. That way I can set up a new Active Directory domain on this subnet that won't be seen by the SBS 2011 domain controller. The few devices on my current primary subnet that will need access to the new servers will only do so by remote desktop connection (via IP address, since there will be no DNS resolution available to this subnet).
Does this setup plan make sense? Are there any flaws or issues that I am overlooking before I start this process?
ASKER
Perfect. So, I can go ahead with the separate subnet to ease the eventual company split. But I don't need to worry about blocking through the firewall, which will make my life much easier.
Thanks again!