On 10/18/05, Kristian Shaw <monowall at wealdclose dot co dot uk> wrote:
> I believe for NT4 you need to allow all the NetBT services (137, 138, 139),
> WINS (42), EPMAP (135) and all the high ports (everthing > 1024) to the PDC.
> In other words your DMZ/LAN seperation will be poor if you need NT4 domain
> traffic to pass.
> A workgroup might be the answer unless you use NT Authentication on your web
> (e.g. for Frontpage) or you use Exchange for email.
agreed. Also make sure the boxes that are now in the DMZ are
configured with the correct WINS server IP.