Hi,
Currently I have two separate domains, not related. One is deployed on our LAN and another on my DMZ.
Due to some new requirements I have had to set up a one-way trust between the two so our LAN user access to the DMZ-based servers can be controlled. This has been done and works on my test server.
What I thought happened in this scenario was that all requests would filter from the DMZ servers to the DMZ DC then to the LAN DC so the only cross zone communications would be between the DCs.
This does not seem to be the case.
What I want to avoid is Swiss-cheesing my firewall to allow each DMZ server access to my internal DC, as I have approx 50 DMZ servers requiring it.
Does anyone have any suggestions or thoughts on this? Both are 2003 native domains with only 2003 servers involved.
Thanks in advance.