Cisco Switches with ACLs between VLANs and Windows servers

Discussion in 'Cisco' started by chart@homesoc.com, Oct 26, 2005.

  1. Guest

    Question #1
    I have a domain forest in my current WAN. I have been asked to tighten
    up security by implementing ACLs between VLANs. My problem is this.
    I have say office A on VlanA with the main controller and office B on
    VlanB with a child controller. What ports am I going to have to open
    up between those VLANs so the two servers can talk to each other and
    keep Active Directory happy?

    Question #2
    Would I need to open the same ports say if a workstation was on a
    different VLAN than the server it authenticates with? Not sure this
    would happen but just wanted to know in the event I run into that.

    I have all offices connected via point-to-point T1, switches are all
    Cisco 3550s and all servers are Compaq DL series of one flavor or
    another.

    The goal is to open only the ports needed to have the servers talk to
    each other and keep Active Directory working, allow clients to
    authenticate and all the other server functions, and block everything
    else.
     
    , Oct 26, 2005
    #1

  2. In article <>,
    <> wrote:
    :Question #1
    :I have a domain forest in my current WAN. I have been asked to tighten
    :up security by implementing ACLs between VLANs. My problem is this.
    : I have say office A on VlanA with the main controller and office B on
    :VlanB with a child controller. What ports am I going to have to open
    :up between those VLANs so the two servers can talk to each other and
    :keep Active Directory happy?

    In my experience.... "All of them".

    Or at least a fine selection of privileged ports (<1024) and all
    ports above that.

    It is, though, difficult for me to tell which inname flows we
    see that are caused -solely- by Exchange and which are -only- AD
    and which are -only- pre-AD NT authentication. Though if an
    Exchange transaction requires a bizarre AD interaction that wouldn't
    happen without Exchange, which is at fault?
    --
    Okay, buzzwords only. Two syllables, tops. -- Laurie Anderson
     
    Walter Roberson, Oct 26, 2005
    #2