NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Domain Controller


  • To: [email protected]
  • Subject: Re: [FW-1] Domain Controller
  • From: Aeon Hale <[email protected]>
  • Date: Wed, 16 Jan 2002 13:35:39 -0500
  • Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
  • Sender: Mailing list for discussion of Firewall-1 <[email protected]>
  • Thread-index: AcGevERe00IKcmtIS+OiGGnNRBNJtQAACreg
  • Thread-topic: Re: [FW-1] Domain Controller

Both the DMZ DC and Radius Server are on Win2k.  I am also willing to
have all my webservers authenticate to the radius server and not setup
the new DC anyway.  Does anybody know if this is possible and maybe some
general pointers on setup?

Thanks to all for the responses.

-----Original Message-----
From: Work [mailto:[email protected]]
Sent: Wednesday, January 16, 2002 12:37 PM
To: [email protected]
Subject: Re: [FW-1] Domain Controller


Aeon,

>From my understanding, I think you can make your Radius Server a Win2k
box
and have it act as a Domain Controller from the same database/box.  If
you
don't want to have everything on one box I think you could have the
Radius
box feed off of the Domain Controller.

If I am wrong someone please feel free to straighten me out.

> -----Original Message-----
> From: Mailing list for discussion of Firewall-1
> [mailto:[email protected]]On Behalf Of Aeon
> Hale
> Sent: Wednesday, January 16, 2002 11:36 AM
> To: [email protected]
> Subject: [FW-1] Domain Controller
>
>
> Please forgive me for sending the list an "off checkpoint subject" but
> i'm hoping somebody here has run into this situation:
>
> DMZ:
>
> contains numberous webservers.  Our NT guys want to setup a Domain
> Controller on DMZ for centralized authentication.  It will NOT sync
with
> internal Domain Controller.
>
> Question:
>
> We currently have a radius server used for authentication (checkpoint
> uses this for user, client, session and securemote).  I would like to
> know if there is a way to have the DMZ domain controller "trust" the
> radius server that way we can cut back on the amount of accounts we
need
> to create?
>
> Without the trust between the DMZ Domain controller and radius, each
> user will have to have 3 accounts:  One on Internal DC, one on DMZ DC,
> and one on Radius Server.  We're trying to keep it to a minimum, i'm
> sure you guys can understand.
>
> Any help would be greatly appreciated.
>
> Thanks,
>
> Aeon Hale
>
> =================================================
> To set vacation, Out Of Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================
>
>

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.