using domain controller in front of a firewall router

[Edward]

I have a Domain Controller with a public IP address and a PC behind a
firewall router with a private IP address.

How can I log on to the Domain Controller from behind the firewall router?

Must I take the Domain Controller behind the firewall and give it a private
IP before the rest of the network behind the firewall can use the domain
controller.

Thanks.

 

[Richard G. Harper]

The first question that pops into my mind is ... WHY do you have a domain
controller exposed to the public? That is an incredibly risky
configuration.

But anyway, yes, you will need to have the DC in the same address segment as
the rest of the network for clients to be able to log onto it. Depending on
the firewall/router hardware you might be able to route traffic through it
to the DC and back but if you do then what's the point of having it?

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm

 

[Edward]

Thanks Richard.

I am trying to explore how best to deploy my network because I try to limit
the number of machines that I need to power on 24/7. My ISP forward all my
e-mail to a fixed public IP and I want also to have webmail running for MS
exchange. Hence, I am trying to explore the options possible.

Any suggestion welcome.

Regards

---
Ed

The first question that pops into my mind is ... WHY do you have a domain
controller exposed to the public? That is an incredibly risky
configuration.

But anyway, yes, you will need to have the DC in the same address segment
as the rest of the network for clients to be able to log onto it.
Depending on the firewall/router hardware you might be able to route
traffic through it to the DC and back but if you do then what's the point
of having it?

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm

I have a Domain Controller with a public IP address and a PC behind a
firewall router with a private IP address.

How can I log on to the Domain Controller from behind the firewall
router?

Must I take the Domain Controller behind the firewall and give it a
private
IP before the rest of the network behind the firewall can use the domain
controller.

Thanks.

 

[Richard G. Harper]

Sorry, I don't know much about mail servers and configuration but I'd
suggest that you consider routing and forwarding the incoming mail - the
router gets it at public address xx.yy.zz.aa and forwards it to the mail
server inside the firewall, ditto outgoing mail gets routed from the
internal mail server to the external public address.

You should probably also consider the possibility that if that server has
been sitting and facing the public for any length of time, it may not be
'your' server any longer. Someone may have hacked it and I'd be very
worried about that possibility especially with a DC.

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm

Thanks Richard.

I am trying to explore how best to deploy my network because I try to
limit the number of machines that I need to power on 24/7. My ISP forward
all my e-mail to a fixed public IP and I want also to have webmail running
for MS exchange. Hence, I am trying to explore the options possible.

Any suggestion welcome.

Regards

---
Ed

The first question that pops into my mind is ... WHY do you have a domain
controller exposed to the public? That is an incredibly risky
configuration.

But anyway, yes, you will need to have the DC in the same address segment
as the rest of the network for clients to be able to log onto it.
Depending on the firewall/router hardware you might be able to route
traffic through it to the DC and back but if you do then what's the point
of having it?

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm

I have a Domain Controller with a public IP address and a PC behind a
firewall router with a private IP address.

How can I log on to the Domain Controller from behind the firewall
router?

Must I take the Domain Controller behind the firewall and give it a
private
IP before the rest of the network behind the firewall can use the domain
controller.

Thanks.

 

[Edward]

Thanks for your advise Richard.

Sorry, I don't know much about mail servers and configuration but I'd
suggest that you consider routing and forwarding the incoming mail - the
router gets it at public address xx.yy.zz.aa and forwards it to the mail
server inside the firewall, ditto outgoing mail gets routed from the
internal mail server to the external public address.

You should probably also consider the possibility that if that server has
been sitting and facing the public for any length of time, it may not be
'your' server any longer. Someone may have hacked it and I'd be very
worried about that possibility especially with a DC.

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm

Thanks Richard.

I am trying to explore how best to deploy my network because I try to
limit the number of machines that I need to power on 24/7. My ISP forward
all my e-mail to a fixed public IP and I want also to have webmail
running for MS exchange. Hence, I am trying to explore the options
possible.

Any suggestion welcome.

Regards

---
Ed

The first question that pops into my mind is ... WHY do you have a
domain controller exposed to the public? That is an incredibly risky
configuration.

But anyway, yes, you will need to have the DC in the same address
segment as the rest of the network for clients to be able to log onto
it. Depending on the firewall/router hardware you might be able to route
traffic through it to the DC and back but if you do then what's the
point of having it?

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm


I have a Domain Controller with a public IP address and a PC behind a
firewall router with a private IP address.

How can I log on to the Domain Controller from behind the firewall
router?

Must I take the Domain Controller behind the firewall and give it a
private
IP before the rest of the network behind the firewall can use the
domain
controller.

Thanks.

 

[Richard G. Harper]

You're welcome.

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm

Thanks for your advise Richard.

Sorry, I don't know much about mail servers and configuration but I'd
suggest that you consider routing and forwarding the incoming mail - the
router gets it at public address xx.yy.zz.aa and forwards it to the mail
server inside the firewall, ditto outgoing mail gets routed from the
internal mail server to the external public address.

You should probably also consider the possibility that if that server has
been sitting and facing the public for any length of time, it may not be
'your' server any longer. Someone may have hacked it and I'd be very
worried about that possibility especially with a DC.

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm

Thanks Richard.

I am trying to explore how best to deploy my network because I try to
limit the number of machines that I need to power on 24/7. My ISP
forward all my e-mail to a fixed public IP and I want also to have
webmail running for MS exchange. Hence, I am trying to explore the
options possible.

Any suggestion welcome.

Regards

---
Ed


The first question that pops into my mind is ... WHY do you have a
domain controller exposed to the public? That is an incredibly risky
configuration.

But anyway, yes, you will need to have the DC in the same address
segment as the rest of the network for clients to be able to log onto
it. Depending on the firewall/router hardware you might be able to
route traffic through it to the DC and back but if you do then what's
the point of having it?

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm


I have a Domain Controller with a public IP address and a PC behind a
firewall router with a private IP address.

How can I log on to the Domain Controller from behind the firewall
router?

Must I take the Domain Controller behind the firewall and give it a
private
IP before the rest of the network behind the firewall can use the
domain
controller.

Thanks.