[ previous ] [ next ] [ threads ]
 From:  "Kristian Shaw" <monowall at wealdclose dot co dot uk>
 To:  <Peter at iwebsl dot com>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] NT4 networking and m0n0
 Date:  Tue, 18 Oct 2005 18:23:33 +0100

I believe for NT4 you need to allow all the NetBT services (137, 138, 139), 
WINS (42), EPMAP (135) and all the high ports (everthing > 1024) to the PDC.

In other words your DMZ/LAN seperation will be poor if you need NT4 domain 
traffic to pass.

A workgroup might be the answer unless you use NT Authentication on your web 
(e.g. for Frontpage) or you use Exchange for email.



----- Original Message ----- 
From: "Peter Heywood" <Peter at iwebsl dot com>
To: <m0n0wall at lists dot m0n0 dot ch>
Sent: Tuesday, October 18, 2005 4:03 PM
Subject: [m0n0wall] NT4 networking and m0n0

My setup:

WAN -> M0n0 -> LAN (PDC with Wins)
-> DMZ (web and mail servers)

I recently added the DMZ and moved my servers (web and mail) to the DMZ. I'm 
still using an old NT4 PDC and domain which the servers were part of. 
Viewing the system logs I see the server are no longer logging into the 
domain. My Questions are; should I move the servers off the domain and setup 
a workgroup or is there a better way to be doing this.


To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch