[ previous ] [ next ] [ threads ]
 
 From:  Chris Buechler <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] NT4 networking and m0n0
 Date:  Tue, 18 Oct 2005 13:33:34 -0400 
On 10/18/05, Kristian Shaw <monowall at wealdclose dot co dot uk> wrote:
> Hello,
>
> I believe for NT4 you need to allow all the NetBT services (137, 138, 139),
> WINS (42), EPMAP (135) and all the high ports (everthing > 1024) to the PDC.
>
> In other words your DMZ/LAN seperation will be poor if you need NT4 domain
> traffic to pass.
>
> A workgroup might be the answer unless you use NT Authentication on your web
> (e.g. for Frontpage) or you use Exchange for email.
>

agreed.  Also make sure the boxes that are now in the DMZ are
configured with the correct WINS server IP.

-Chris