Re: Domain Member Server in DMZ - Kommunikation mit IPSec sichern?

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: "Thomas K.H. Bittner" <tbittner@xxxxxxxxxxxxxxxxxxx>
Date: Thu, 18 May 2006 11:26:48 +0200

Christoph wrote:

Hallo zusammen,

ich habe ein paar Server in einer DMZ stehen. Ein Teil davon sind
Domain Member Server, die Domaincontroller stehen im internen LAN.
Damit ich nicht die ganzen Ports für LDAP, GC und RPC freischalten
muss, würde ich lieber IPSec einsetzen, finde aber kein richtiges
How-To, wie ich die Kommunikation zwischen den Domainmembers und den
Domaincontrollern absichern kann.

.... normalerweise macht man das so, dass die Server mit einer zweiten NIC
für das interne LAN ausgestattet werden. IPSec halte ich in dem Fall nicht
für zweckmäßig, wenn nur eine NIC in den Servern genutzt wird.

Gruß,
Thomas
--
[Escalation Support] http://www.mvpatwork.de/support.aspx
[Q+A] news://news.mvpatwork.de
[Profile] http://www.linkedin.com/in/windowsinfrastructure

.

Follow-Ups:
- Re: Domain Member Server in DMZ - Kommunikation mit IPSec sichern?
  - From: Thomas Wildgruber

Prev by Date: Re: Domain Member Server in DMZ - Kommunikation mit IPSec sichern?
Next by Date: Re: Domain Member Server in DMZ - Kommunikation mit IPSec sichern?
Previous by thread: Re: Domain Member Server in DMZ - Kommunikation mit IPSec sichern?
Next by thread: Re: Domain Member Server in DMZ - Kommunikation mit IPSec sichern?
Index(es):
- Date
- Thread

Relevant Pages

ipsec and/or netfilter problem
... It's a LAN ... The server has 3 NIC's: eth0 which is connected to the internet with my ... My goal with ipsec is to secure all the LAN traffic (both ethernet and ...
(Linux-Kernel)
Re: RRAS two way (pptp) vpn possible?
... If the dedicated server is on a public network, your best bet is to use ... VPN is designed to link remote clients to a LAN (ie the client is ... To set up a secure link between two servers, IPSec is the tool to use. ...
(microsoft.public.windows.server.networking)
Re: IIS IpSec
... >then try browse from remote in the same ... >your LAN, working ?? ... >> production IIS Server and I can browse websites just ... >> with the same definitions in my IPSec. ...
(microsoft.public.inetserver.iis.security)
RE: ipsec for lan
... Subject: ipsec for lan ... IPsec is the right solution if you need packet ... level security. ... IPsec on Windows 2000 Server ...
(Focus-Microsoft)
Re: MAC Filtering Part II
... If these are Windows 2000 or newer computers implement IPSec on them. ... Don't allow users access to LAN ... > machines are running XP Pro and the server is running Server 2003. ...
(microsoft.public.windows.server.general)