Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] 3 sites, 3 domains, what to do?

To: [email protected]
Subject: [FW1] 3 sites, 3 domains, what to do?
From: Eugene Hsu <[email protected]>
Date: Fri, 08 Sep 2000 18:16:38 -0400
Sender: [email protected]

whoops, sent this to the wrong address... trying again...

Hello,

We have offices at three sites, NY, Boston and LA. Currently NY and Boston are up and running FW-1, and they can communicate TCP/IP fine between each other (FTP/Telnet/http). The rules allow all traffic (except for BOOTP and NBT) to go across between Boston and NY. Los Angeles will be up running shortly and installed. The problem that we have is with W2000 domain authentication.

The firewalls are NT-4 machines not on any domain, and the servers and workstations are all running W2K. The problem is that we are running two separate domains on the W2000 servers, and this is causing problems with logins for people who share office locations in both offices. Machines can not share files or printers with systems attached to other domains. If we bring a Boston-based laptop to NY, they can connect DHCP correctly to NY, but they can not access NY resources (files/printers). I have heard from others that they can not authenticate W2K back across to the Boston servers, and sometimes they can not mount drives. Are these symptoms common? When LA goes online, then things will get more complicated.

Our SA's are unsure if they can fix this with trusts at the moment. Do most people here run one domain across locations, or do you have some sort of trust relationship between different physical locations? I was told that a popular option was to have one domain, but separate org units per site.

If anyone has any recommendations, I would be most appreciative. this has been discussed in the archives, or the answer can be found on a web page, please point me there.

Thanks for your time.

Thanks,
Eugene Hsu
[email protected]

================================================================================
    To unsubscribe from this mailing list, please see the instructions at
              http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: [FW1] Anti-spoofing and Pushing Rules
Next by Date: [FW1] Packet Fragmentation with v4.0 SP5 Hotfix
Previous by thread: [FW1] Anti-spoofing and Pushing Rules
Next by thread: [FW1] Packet Fragmentation with v4.0 SP5 Hotfix
Index(es):
- Date
- Thread