Welcome to ISAserver.org

Publishing RPC in DMZ

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [ISA 2006 Web Proxy] >> Unihomed >> Publishing RPC in DMZ

Page: [1]

Message

<< Older Topic Newer Topic >>

Publishing RPC in DMZ - 14.Jun.2007 7:57:00 PM

Yorgy

Posts: 158
Joined: 20.Sep.2006
Status: offline

Greetings Everyone,

I need some verification on a possible solution to a problem I am having on our DMZ.

ISA is setup on our DMZ with forwarding any requests outside the DMZ to the following--for ex. Domain Controllers DC1 and DC2.

Every morning I am noticing RPC is unavailable Event ID 5719 until someone triggers the RPC protocol for username authentication to our LDAP server (DC1 and DC2).

This is an error since authentication should automatically authenticate for all users when requesting web services by proxying through ISA, that is once they have been verified on our domain controllers as domain users.

So, now for the question: Do I need to publish both domain controllers with the RPC protocol to allow users to be serviced with internet access without receiving authentication pop-ups for the first couple of users in the morning?

I think the first couple of users are triggering the RPC protocol that opens the door for everyone else to get through, which is fine

, but I would like to keep this from happening to the first couple of users and to just allow them right through...

Help Please, I am having nightmares about this!

Yorgy

_____________________________

Life is a zoo in a jungle!

Post #: 1

Featured Links*

RE: Publishing RPC in DMZ - 28.Jun.2007 9:51:59 AM

tshinder

Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline

Hi Yorgi,

I'm not clear on how your ISA Firewall is configured. Are you saying that you configured the ISA Firewall with three Interfaces, with the third interface being a DMZ segment with domain members in it?

Thanks!
Tom

_____________________________

Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/

GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8

(in reply to Yorgy)

Post #: 2

RE: Publishing RPC in DMZ - 28.Jun.2007 3:33:02 PM

Yorgy

Posts: 158
Joined: 20.Sep.2006
Status: offline

Hello Tom,

Actually I am using only one interface for where my ISA Server is located (DMZ).
The NIC is plugged into our DMZ port on the switch, and from there to our DMZ port on our Sonicwall Firewall (Perimeter Firewall).

IP Adresses is as followed:

IP: 172.16.1.10
    255.255.255.0
    172.16.1.5 Gateway to our switch and from there to our DMZ port Sonicwall

DNS 192.16.1.10 Domain Controller 1
        192.16.1.11 Domain Controller 2

Hope this makes sense, please let me know if you would like me to clarify a bit more...

Any ideas is truly appreciated, and thank you for the follow up...

Thank you
Yorgy

_____________________________

Life is a zoo in a jungle!

(in reply to tshinder)

Post #: 3

RE: Publishing RPC in DMZ - 29.Jun.2007 10:43:57 AM