Whoops, sent this to the wrong address... trying again...
Hello,
We have offices at three sites, NY, Boston and LA. Currently NY and Boston
are up and running FW-1, and they can communicate TCP/IP fine between each
other (FTP/Telnet/http). The rules allow all traffic (except for BOOTP and
NBT) to go across between Boston and NY. Los Angeles will be installed and
up and running shortly. The problem that we have is with W2000 domain
authentication.
The firewalls are NT-4 machines not on any domain, and the servers and
workstations are all running W2K. The problem is that we are running two
separate domains on the W2000 servers, and this is causing problems with
logins for people who share office locations in both offices. Machines
cannot share files or printers with systems attached to other domains. If we
bring a Boston-based laptop to NY, they can connect DHCP correctly to NY,
but they cannot access NY resources (files/printers). I have heard from
others that they cannot authenticate W2K back across to the Boston
servers, and sometimes they cannot mount drives. Are these symptoms
common? When LA goes online, then things will get more complicated.
Our SAs are unsure if they can fix this with trusts at the moment. Do
most people here run one domain across locations, or do you have some sort
of trust relationship between different physical locations? I was told
that a popular option was to have one domain, but separate org units per
site.
If anyone has any recommendations, I would be most appreciative. If this has
been discussed in the archives, or the answer can be found on a web page,
please point me there.
Thanks for your time.
Thanks,
Eugene Hsu