How to allow Win2000 server to Join domain accross firewall

[remy74]

I am trying to join a windows 2000 server to my active directory domain across a watchgaurd firebox 2. The server I want to join the domain is on the optional interface. All of my other Domain Control are on the trusted interface. When I try to join the domain I get the error:
The specified domain either does not exist or could not be contacted.

DNS is resolving good from the server. What ports do I need open for windows 2000 connectivity.

Thanks,
Jeremy

 

[pinger2k]

Hi remy74,

it's not quite straight forward.
You will need to setup a wins server which an entry pointing to your server in the optional.
Setup your server in the trusted to use the wins.
Next allow smb, dce-rpc, across fom trusted to optional.

You may need to turn off nat.

 

[Nynuxus]

88 (Transmission Control Protocol [TCP], UDP) - Kerberos
123 (UDP) - Windows Time Synchronization Protocol (NTP). 135 (TCP) - EndPointMapper.
389 (TCP, UDP) - Lightweight Directory Access Protocol
445 (TCP) - Server message block (SMB) for Netlogon, LDAP
3268 (TCP) - LDAP to global catalog servers

hope this helps