PAGEME1000
Technical User
All
I have a problem (not the obvious one as you all snigger). We have a remote access system that terminates on a dmz of our pix. The issue is that the windows clients cannot authenticate with our domain controllers which reside on the inside interface. There is a NAT setup from dmz to inside and the DNS in the DMZ points correctly. The clients can ping the AD controller by name but can't authenticate to login.
I am thinking that a rule for instance
static (inside, dmz) 192.168.0.7 192.168.0.7
This will then advertise the inside address of the dc to the dial up users in the dmz and hence they will be able to authenicate.
Btw the pix has 6 dmz's and this is an intermediate dmz not the ouside.
Any ideas appreciated....
Page.
I have a problem (not the obvious one as you all snigger). We have a remote access system that terminates on a dmz of our pix. The issue is that the windows clients cannot authenticate with our domain controllers which reside on the inside interface. There is a NAT setup from dmz to inside and the DNS in the DMZ points correctly. The clients can ping the AD controller by name but can't authenticate to login.
I am thinking that a rule for instance
static (inside, dmz) 192.168.0.7 192.168.0.7
This will then advertise the inside address of the dc to the dial up users in the dmz and hence they will be able to authenicate.
Btw the pix has 6 dmz's and this is an intermediate dmz not the ouside.
Any ideas appreciated....
Page.