I agree with Guido, then. Several protocols tend to not like NAT, but 2003 has some new possibilities that you can work with. Name resolution is also tricky but can be done. Time sync is another one that can sometimes be a pain.
Al
On 2/15/06, FDiskThePC <[EMAIL PROTECTED]> wrote:
For simplicity sake, let's just say that I need to use
my production AD account to access a Windows file
share in the DMZ. Thanks.
-FDiskThePC
--- Al Mulnick <[EMAIL PROTECTED]> wrote:
> What kind of resources specifically? Web based
> only? Or other? If other,
> what kinds?
>
> Trusts might be the least of your concerns depending
> on traffic types.
>
> Also, what are the security requirements? Is this
> something that has to be
> monitored via IDS systems? What other security
> requirements?
>
> I understand if you can't answer some of this in a
> public forum. You're
> welcome to drop a note directly or not answer at
> all. But these types of
> answers are critical to making any suggestions as
> they frame up the
> boundaries.
>
> Al
>
>
>
>
> On 2/13/06, FDiskThePC <[EMAIL PROTECTED]> wrote:
> >
> > Good point. The requirements are that the DMZ
> forest
> > needs to have a one way trust to the production
> forest
> > so that user accounts in the production forest can
> > access DMZ resources.
> >
> > --- Al Mulnick <[EMAIL PROTECTED]> wrote:
> >
> > > It's not clear what the requirements are nor
> what
> > > you expect to break. You
> > > aren't thinking of putting a MSCS across a
> firewall
> > > anyway, now are you?
> > > Better yet, if so, which type of cluster?
> > >
> > >
> >
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Tired of spam? Yahoo! Mail has the best spam
> protection around
> > http://mail.yahoo.com
> > List info : http://www.activedir.org/List.aspx
> > List FAQ :
> http://www.activedir.org/ListFAQ.aspx
> > List archive:
>
http://www.mail-archive.com/activedir%40mail.activedir.org/
> >
>
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
