Servers :: How To Setup Trusts Between Two Domains
May 19, 2011Need step by step instructions for setting up trust between two domains
View 1 RepliesNeed step by step instructions for setting up trust between two domains
View 1 RepliesI am creating a migration plan for our organization, Im wondering, how many domain controllers people have, how many member servers and what there used for?
View 3 Replies View RelatedI've got a digital phone system but it goes VoIP across our P2P T1's. I am having quality issues between our 2 sites only and have decided to setup QoS on the Cisco 1841 P2P routers. each side that does the voice traffic, I would like to do QoS by IP address, instead of by protocol.I will need an access-list, a class-map and a policy-map and need to point the interface to the policy-map
View 19 Replies View RelatedI have a LAN running Window server 2000 as domain controller and having 40 client PCs.i want to configure my server as a mail server which is for the time being only a file server. i dont want to use POPS, IMAP or Exchange server.instead i want to use Microsoft Mail to configure my client computers.i have only heard about "Microsoft Mail" mail so far.
View 2 Replies View RelatedHow do i setup a network printer on server 2003 .
View 1 Replies View RelatedDifferences between using an Apache server on a regular laptop vs. a whole operating system like Windows Server 2008. I'd like to setup an intranet complete with an internal domain name. Is this possible with Apache or do you have to use a complete server operating system like Windows server 2008?
View 1 Replies View RelatedI'm running a windows lan that connects 3 computers and a shared storage external hard drive. The whole network, including the external hard drive is connected by ethernet back to my adsl modem/router. I want to convert the external hard drive into an ftp server to enable secure file sharing on the internet by allowing remote access (for the purpose of downloading files) to anyone that I offer a username and password to.The external hard drive is a Western Digital World Edition (blue light)I believe it's a 2008 model.The adsl modem/router is a Billion Bipac 7300(G) RA.Is this doable?
View 3 Replies View RelatedI have a small network in my garage, it's basically made up of a bunch of test servers. Those and a win xp machine are all hooked up to a switch, and the win xp machine also has a wireless usb stick that is connected to my wireless router, and is being used to share internet to the rest of the machines. The test servers along with the NIC card on my win xp machine sit on a different subnet, however.When I remote into the win xp machine from my house, i can run a second remote desktop in the first session, into any of my servers. I want to do work on them, but its very laggy.
Is there a way I can setup a port either on the win xp machine or my wireless router so that i can remote directly into one of the servers? so if the win xp machine has a wireless ip address of 192.16.13.102, and one of the servers on the 2nd subnet has an internal ip of 192.2.2.4, can i have it so i can make, for instance, 192.16.13.102:6333 forward to 192.2.2.4? If not, is there any other way i can directly remote into one of the servers, by passing the first remote desktop into win xp? What settings would have to be the same across the line?
I would like to setup multiple DMZs for our hosting servers. Currently there is a single DMZ in which our reverse proxy servers are connected using a public IP address. The idea is to have the reverse proxy forward the request from the Internet to the hosting servers in another DMZ. The purpose of the hosting DMZ is to protect it from the outside as well as from the inside. There will also be a development DMZ where we can test content prior to going live with the website.
Network: We currently have two Cisco 6509's (Core) with a FWSM in each running active/stanby configuration. There is a 10Gb Fiber connection between each Cisco switch to two Cisco 4948s (Top of Rack Switches). I can either setup OSPF or Trunking between the core and top of rack switches. The Cisco 4948s will support VLAN 7 (hosting DMZ 10.0.7.0/24) and VLAN 8 (development DMZ 10.0.8.0/24). Each webserver is connected to both Cisco 4948 for redundancy.
Question: If I have a single interface connecting both VLANs 7 and 8, either through Layer 2 or 3, then how can pass both DMZ traffic to the appropriate servers? The reason why the servers are in the same rack connected to the same two switches is that we are using Blade Servers and VMWare.
We have a setup of 2 Nexus 7000 chassis and several fexes (N2K-C2248TP-1GE). The fexes are connected through a port-channel to a single nexus 7000 (no vpc). (Fex 1 to Nexus 1, fex 2 to Nexus 2, fex 3 to nexus 1 etc).Are there guidelines on how to connect a server to those fexes.
I can see several possible scenario's at our site. I have drawn some scenario's on a design. I can't find detailed information on which setup is possible and which is not. The goal is to have as much redundancy as we can.When using scenario 1, do I configure an orphan port on the uplink to this server?
Do you have the ability to setup DHCP servers on this layer 3 switch? I know I can with my old 3550 switch. Want to upgrade and make sure this model supports setting up dhcp servers on it.
View 3 Replies View RelatedMy company bought another company and moved them into our building. the company moved in but are on an entirely different network all together. wired separately, different domains.what i would like to do is be able to have them communicate with each other. have users on company A be able to use printers on company B's side of the network.
View 15 Replies View RelatedHow do I block specific domains (pandora.com, etc.) in the Sonicwall? It seems like this would happen in the CFS but do I need a subscription for this? I don't want to subscribe to Sonicwall's filtering list, I just want to block a couple specific domains.
View 9 Replies View RelatedMy company have just set up a new subsidiary. I have had a request from my Managing Director asking if it is possible for us to share calendars with the other company so if he wants to make a meeting appointment he can check if Joe Bloggs from the subsidiary is free.There is domain A (parent company) and domain B (subsidiary)Both us and the subsidiary are currently running Microsoft Exchange 2007 on windows SBS 2008 server with mainly windows 7 clients with Outlook 2007-2010?Is it possible to share calendars between the 2 domains?
View 7 Replies View RelatedIs it possible for Windows 7 to host multiple domains? I have seen that it is available for plenty of other OSs and I am sure that it is. I just wanted to make sure.
View 2 Replies View Relatedjoin multiple domains in windows xp?
View 2 Replies View RelatedI do have a quick question about Cisco ACS 5.3 and multi domain authentication. How is it exactly handled?
Can I join more than one domain with the ACS server? Or do I still need to configure that bidirectional trust relationship between those AD forests (even with the ACS 5.3)?
We are trying to set up ACS 5.2 in our multi-forest AD environment. As part of our evaluation we set up an Active Directory External Identity Store to a domain (a.b.edu). It connects properly and I can see the directory groups in the that tab when we Select. This domain (a.b.edu) has a two way trust with another domain in another forest (x.y.b.edu). However, I do not see the groups in that domain and I cannot seem to manually add those groups using the Add on the free text Group Name.
The documentation is not clear on this point: Page 8-41 and 8-42 of the "User Guide for the Cisco Secure Access Control System 5.2) says: "The External User Groups dialog box appears displaying a list of AD groups in the domain, as well as other trusted domains in the same forest." This implies to me that it cannot cross forests even though a trust is set up. This seems to be what is happening.
Currently, my company runs a DC and exchange server in the building. It is also hosting our website with IIS7. All AD users currently have @company1.com.au email addresses.We have just started an off shoot company and would like to setup emails in exchange so that we can automatically assign and manage emails on the same exchange server. so that each user hasWhat is the best way to do this?At the moment, company2.com - company is hosted outside with someone else. Is there a way that he can direct the mail to us so that he hosts the website but we host the email server?
View 1 Replies View RelatedI've been tasked with designing a network consisting of 3 separate broadcast domains with each one representing a separate business accross 3 separate floors. None of the companies should be able to communicate with each other.I've been told that the design should only represent the first 3 layers of the OSI model so I'm only looking at Cabling, Switching and Routing.
I don't expect you all to tell me exactly how I should do this, however I just need a starting point. My main issue is with routing. I'm aware that each port on a router represents a broadcast domain so if I use one router, 3 broadcast domains, does that means that none of the domains will be able to communicate with each other? Should I use more than one router or can i get away with one? Also just so you are aware I've been told not to use VLans and each broadcast domain must have its own ip address schema.
Does the LDAP authentication work across W2K3 Active Directory domains and multiple ASA5510 firewalls? Or do I need to setup another type of authentication? If I use another type of authentication can I get specific portals with special bookmarks based on login account?
View 4 Replies View RelatedCurrently on ACS 5.2 and our MS Active Directory is migrating to a completely new domain. There will be a two way trust between them for the 24 month migration period. How best to configure ACS connect to both domains?
View 2 Replies View RelatedThe users belong to Multiple AD domains. If we purchase WLC 2500 controller. Can I have one more WLANs authenticate to multiple radius or ad domains? I thought one WLAN/ ssid authenticate to single radius server.
View 4 Replies View RelatedI would like to configure few routings on my Cisco router 871 in order to allow my employees to have access only to specific websites.However, since some websites have dynamic IPs propably the route that I will create will not work.
My question is, can I configure a route or is there any other way to configure this permission based on the hostname/domain? For example, if I want to permit access to this website www.surveymonkey.com (75.98.93.51) instead of configuring:
ip route 75.98.93.51 255.255.255.255 192.168.10.250
is there any way to configure based on the url.. in order to be able to recognise this host correctly??
I've set up my E3000 (and the WRT54g it replaced) to use dynamic DNS (using dyndns.org) to forward a domain to a particular IP address on the network. Works awesomely.
I now have a situation where I am setting up a local network (no internet access) where I want a few other local users (an iPad and a laptop) to be able to access a couple websites (let's say x.me and y.me) on a machine also connected to the router.
As an aside, It seems (just from casual testing) that if I am on a machine on my local network and I try to access my dynamic domain (that I route through dyndns.org) and it seems to resolve right away without going out to the internet. Is this correct? Does it automatically route anything on lan directly?
I've been having a weird issue lately with my WRT310Nv2. Sometimes when we, and by we, I mean two different computers (one Mac, one XP PC), try to go to a website, it will point us to an entire diffrently website. For example, earlier today I attempted to go to Twitter and twitter.com appeared as some random Blogger website. I've had issues where Amazon.com kepting point to UPS.com, or Facebook.com pointing to MySpace.com, etc.
I haven't been able to pinpoint a regular pattern, except the fact that it is most likely the wireless network, since the Windows PC (Server 2003) plugged directly into the router has never had this issue.
Region : Austria
Model : TL-MR3420
Hardware Version : V2
Firmware Version :
ISP :
I'd like to make exception keywords in the Access Control but I don't know how I could possibly do this. E.g. I have put in the keyword "apple" to be blocked, so if a domain has the keyword "apple" in it, it will be automatically blocked. What can I do, however, if I want to make an exception for the domain "appletree.com"? I haven't found any way to make an exception to specific domains or keywords.
I am trying to block certain domain, i used "domain" and "domain.com" in the forbidden domains , but when people access the website as https://domain.com the website loads perfect. Http is block however. I tried to block "https://domain.com", but that didn't work.
View 3 Replies View RelatedI'm looking to implement ACS 5.2 using 802.1X, we have two seperate AD domains.A single switch will need to support both ADs, so if a machine in AD1 is connected, it will be authenticated to the ACS using AD1 and applied to VLAN1, while a machine that is in AD2 will be authenticated to AD2 and applied to VLAN 2.
I'm looking at machine authentication, not user authentication, so I assume that I will need to import two certs from each AD.
So i see tons of threads here and on google talking about dns issues with their linksys router but I never see a solution other than to locally change the dns servers on the client machine to prevent it from using the linksys router dns. My router is the WRT310Nv2 running the latest firmware but I see others are affected as well. url...My issue is this router continues to fail dns resolutions and I have to either reset it or tell my client machine not to use my router as a point of dns resolution.
1. Why is my router failing to resolve domains correctly?
2. Is there anyway to fix this from the router?
I have a customer with three rooms where teh access layer aggregation switches are run back to.
Access Switch Stack A -> room 1 + room 2
Access Switch Stack B -> room 2 + room 3
Is it possible to have three Nexus 7000s ie one in each room (1,2 and 3) and have them setup like this:
Nexus 7000#1 vPC domain 1
Nexus 7000#2 vPC domain 1 + vPC domain 2
Nexus 7000#3 vPC domain 2
Thus gving all access switch stacks redundant links to the core withouit spanning tree.
I know its not ideal but its a campus site and thats how the existing fibre runs go.
We have an RVS-4000 router that we use as an Internet gateway on our school network. I am trying to set up an Internet Access Policy to block some specific websites by URL using a domain name. I set up the policy, and added a PC to the list using the mac address, and the blocking did not work. I went back to the list and added the IP address of the same PC, the policy still did not work to block the domain. I rebooted the router, cleared the Internet Temporary files and history on the PC, and the policy still does not work. It acts like it is going to block access to the website because it takes a long time, but it will eventually connect.
View 7 Replies View RelatedWe are planning to split the Private servers from the DMZ Servers and configure an additional Interface and segment for this purpose.
Private Servers Segment: 192.168.4.0/24 (there is no DHCP all servers' IPs are statically configured)
DMZ Segment: 192.168.3.0/24 (This is a future deployment)
LAN Segment: 172.17.0.0/16
Both, Private Servers and DMZ Servers are in a collocation as well as the ASA5520. There are multiple Branch offices that uses subnets within the 172.17.0.0/16 Network and they are connected to the ASA5520 via Metro-E.
I do not know if this is possible but what I want to do is this:
In order to avoid the change of internal DNS records I want to mask the DMZ servers with a Private Server IP when a Private server or LAN host wants to access it like this:
The FTP server in the DMZ has the IP address: 192.168.3.100. But when a PC from the LAN wants to reach the FTP server it should points to its old IP: 192.168.4.100. This way the PC sends a packet to the ftp.corporate.net (192.168.4.100) the ASA recieves the packet and translate it to the (192.168.3.100) and send it out through the DMZ Interface.
Also if the Private Servers wants to reach the same FTP the ASA will act like a proxy-ARP and send the paquet to the DMZ by means of the translation of the IP.