General discussion

Locked

IP/Port Forwarding

By hebrews2124 ·
Hello. I am currently trying to set up a Smooth Wall firewall for my local network. I currently have five servers (3 web servers, 1 domain controller/file server and a test server). All of these servers have their own static public IP address assigned to them. When I put my Smooth Wall in place, I want to put my three web servers and my test server on in the DMZ (orange interface). I want to place my domain controller/file server within the private (green) network. I would, however, still like for each server to maintain its own static public IP. This is especially important for the web servers in the DMZ. I'm still mulling over the security implications of my domain controller/file server having a publicly available IP address but being located inside my private (green) network. I need the DC/FS to be accessible from the internet for things like VPN and remote access (mostly for management purposes). So, any suggestions here would be appreciated.

This conversation is currently closed to new comments.

2 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

NAT the public IPs.

by seanferd In reply to IP/Port Forwarding

Don't know where, but thy tell you how in the Admin Guide.

Collapse -

And enable encryption for AD

by robo_dev In reply to NAT the public IPs.

By default, AD exchanges use LDAP.

If a Windows server has to be in the DMZ and has to use AD to talk to servers on the local LAN, then you need to protect AD.

Besides, obviously, closing all AD-related ports to the external interfaces,

http://articles.techrepublic.com.com/5100-22_11-5238083.html

http://blogs.technet.com/b/seanearp/archive/2009/04/28/active-directory-in-the-dmz.aspx

http://symlabs.com/solutions/active-directory/encryption

Back to Networks Forum
2 total posts (Page 1 of 1)  

Related Discussions

Related Forums