Jump to content


Sign in to follow this  
LionelB

Design DMZ and IBCM

Recommended Posts

Hello,

I am looking for some design recommendations for my test environment that I would like to apply to one production environment.
I am working with 2 domains (2 forests) with no trust relationships.
Domain A : internal
Domain B : DMZ

From a firewall point of view, only the ports from the internal to the DMZ will be opened.
From the internet to the DMZ, only HTTPS will be opened.
Currently, I only manage the clients connected to the internal domain.
I would like to deploy a new management point in DMZ that will allow me to manage my DMZ clients and my Internet clients.
Should I use 2 management points :
- one for the DMZ clients
- one dedicated to my internet clients

If I use only one MP, should I allow Intranet and Internet clients ?

The only documents I can find on Technet require too many ports to be opened in the firewall (From DMZ to Internal) and can't be applied to my environment.

Thanks.

post-17351-0-46807800-1422764777_thumb.png

Share this post


Link to post
Share on other sites


Did you get this all ironed out? I am wanting to do something very similar. What ports did you open on each server and what ports did you open on the firewall?

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...