Authenticate on other ISA servers?

Authenticate on other ISA servers? (Full Version)

All Forums >> [ISA Server 2004 General ] >> General

Message

davehocking -> Authenticate on other ISA servers? (1.Jun.2006 4:23:02 PM)
Hi all, below is a rough network diagram... Essentially I want users of the Terminal Server to be authenticated by the Office ISA server. [image]http://www.david.hocking.zen.co.uk/isaserver/network.jpg[/image] ..So if a user of the TS box views the Sharepoint site, I would like that to be included in the logs on the Office ISA server, with the users details. How do I get the Terminal Server to 'pass' authentication to the 'other' ISA server? Ideas please! Cheers Dave

tshinder -> RE: Authenticate on other ISA servers? (3.Jun.2006 6:30:09 PM)
Hi Dave, Are these trihomed ISA firewalls? thanks! Tom

davehocking -> RE: Authenticate on other ISA servers? (7.Jun.2006 4:31:46 PM)
Hi Tom, they're much more than tri-homed, the DMZ ISA server has 5 and the Office ISA has 6 active interfaces.. Any advice greatly appreciated! :)

tshinder -> RE: Authenticate on other ISA servers? (9.Jun.2006 2:54:47 AM)
Hi Dave, Right now the best option is to create a route relationship between the source and destination ISA firewall Networks and then use the Firewall client. HTH, Tom

davehocking -> RE: Authenticate on other ISA servers? (9.Jun.2006 12:04:53 PM)
Will I need to open any ports to allow the firewall client to connect? - This is where it all went wrong for me when I tried it, I couldn't find a definitive list of what ports would need opening. Thanks for the advice, appreciated :)

tshinder -> RE: Authenticate on other ISA servers? (9.Jun.2006 6:33:54 PM)
Hi Dave, You'll need need the authentication ports open that are typically used for intradomain communcations. Try LDAP/LDAPS and RPC (all interfaces) from the Firewall clients to the DCs on the other Network. HTH, Tom

Page: [1]