This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Joining My DMZ server to my Internal AD domian.

Greetings

I am using ASL 5; I have 3 interfaces on my Astaro box, Internal, DMZ and External. I have a packet filter securing traffic from the DMZ to the internal network…

I do want to be able to join my DMZ server to my Internal Active Directory domain, and create a front end mail server that will pass mail to the internal server.

I’m having problems finding the correct ports I need to open from the DMZ to the internal network in order to make this happen, I know port 25 for mail, but for AD I’m at a lost…. Please help!!!

Thanks….

Newbie to ASL

This thread was automatically locked due to age.

Parents

0 jlobster over 21 years ago

Cruz,

Make sure you have a rule set for your front end Exchange server in the firewall to block all traffic to it from the internet that isn't something that the machine is supposed to be doing. (i.e. block everything but OWA if it is for OWA access) If the machine is just for SMTP relay, I'd use ASL instead.

If you have to have a front end server that is part of your AD, make sure that server gets its OS updates soonest. If it is compromised then the attacker has all of your AD info at his fingertips.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 jlobster over 21 years ago

Cruz,

Make sure you have a rule set for your front end Exchange server in the firewall to block all traffic to it from the internet that isn't something that the machine is supposed to be doing. (i.e. block everything but OWA if it is for OWA access) If the machine is just for SMTP relay, I'd use ASL instead.

If you have to have a front end server that is part of your AD, make sure that server gets its OS updates soonest. If it is compromised then the attacker has all of your AD info at his fingertips.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data