WKS outside PIX

G

Guest

Hi Guys

We have some stations outside our PIX Cisco 550 with a NAT configuration, we
got some trouble to join these station on our AD that is inside the same PIX.

Before all, we need this kind of topology couse these wks are very faw from
our dc and then we cannot use the same network.

We need to join all these station on our domain.

P.S.

We wouldn't use the IPSEC and VPN solution.

Any Idea?

Thanks in Advance.


Stefano e Maurizio (Italy)
 
L

Lanwench [MVP - Exchange]

NETCRASHLOG said:
Hi Guys

We have some stations outside our PIX Cisco 550 with a NAT
configuration, we got some trouble to join these station on our AD
that is inside the same PIX.

Before all, we need this kind of topology couse these wks are very
faw from our dc and then we cannot use the same network.

We need to join all these station on our domain.

P.S.

We wouldn't use the IPSEC and VPN solution.

Any Idea?

Thanks in Advance.


Stefano e Maurizio (Italy)
Click to expand...

Do you want them to connect from the Internet? Bad idea if so. Set up a VPN
site link between the two offices. If I've misunderstood, please correct me.

Salve!
 
G

Guest

The situation is this:
We have a private and very important internal network inside an another
private and very large intranet.
Between this network there is a pix Firewall.
Both network have private ip address
Inside PIX 192.168.x.x
Outside PIX 10.x.x.x
The our necessity is that from network 10.0.0.0 place outside PIX, many WKS
(2000 professional) must to join to DC that are inside to PIX.
No access is request from internet but only from intranet.
The problem is DNS on DC that have SRV record with association 192.168.0.0
that are unreachable from intranet why pix done a Nat.
We would like avoid to use Ipsec and VPN from intranet station.

Thanks
 
K

Kevin D. Goodknecht Sr. [MVP]

In
Maurizio said:
The situation is this:
We have a private and very important internal network
inside an another private and very large intranet.
Between this network there is a pix Firewall.
Both network have private ip address
Inside PIX 192.168.x.x
Outside PIX 10.x.x.x
The our necessity is that from network 10.0.0.0 place
outside PIX, many WKS (2000 professional) must to join to
DC that are inside to PIX.
No access is request from internet but only from intranet.
The problem is DNS on DC that have SRV record with
association 192.168.0.0 that are unreachable from
intranet why pix done a Nat.
We would like avoid to use Ipsec and VPN from intranet
station.
Click to expand...

The problem is, unless you VPN through the firewall, you'll have to make the
firewall like swiss cheese. If you make VPN connections through the Pix, all
you need is the VPN port. So do you want a firewall made of swiss cheese?
310111 - HOW TO Configure Packet Filter Support for PPTP VPN Clients in
Windows 2000:
http://support.microsoft.com/default.aspx?scid=kb;en-us;310111&sd=RMVP
832017 - Port Requirements for the Microsoft Windows Server System:
http://support.microsoft.com/default.aspx?scid=kb;en-us;832017&sd=RMVP
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Join to DC from outside pix 1
Join to domain outside PIX 1
Windows XP slow file transfers over internet with FTP/SMB 0
VPN USERS 4
Vpn Passthrough 1
Cert Server - Changed Enterprise CA 12
VPN 2
NAT-T and L2TP 5

Top