To autenticate form the DMZ to the DCs, but a specific question. (Full Version)

All Forums >> [ISA 2006 Firewall] >> Access Policies



Message


loureed4 -> To autenticate form the DMZ to the DCs, but a specific question. (22.Jun.2013 6:01:33 AM)

Hello,

First, my scenario: ISA Server 2006, Windows 2008 Enterprise as the DCs , and Windows 2008 as the machine in the DMZ trying to log in the DCs.

I have been reading this article: http://www.isaserver.org/articles-tutorials/articles/2004perimeterdomain.html

In that article some ports are stated are required : RPC (All interfcaes), CIFS TCP 445, DNS, Kerberos-Adm UDP, Kerberos-Sec TCP and UDP, LDAP TCP and UDP, LDAP GC, NTP and Ping.

However I just created a machine in the DMZ, joined in the domain and afterwards, when loging into the domain for the second time, I monitored form ISA what was happening in this procces of the DMZ machine log in to the domain. The protocols I see are these:

Kerberos-Sec (TCP) , DNS, LDAP UDP, Ping, Netbios Name Service, CIFS, and RPC (All interfaces).

Kerberos, DNS and ldap seem obvious, but I don't understand:

1- Why do I need NetBios Name Service , CIFS and RPC.
2- Why are there protocols in the maginificent article I have just read, that my ISA doesn't log.

Thanks a lot in advance!!




Page: [1]