Cisco Switches with ACLs between VLANs and Windows servers

Question #1 I have a domain forest in my current WAN. I have been asked to tighten up security by implementing ACLs between VLANs. My problem is this: I have, say, office A on VlanA with the main controller and office B on VlanB with a child controller. What ports am I going to have to open up between those VLANs so the two servers can talk to each other and keep Active Directory happy?

Question #2 Would I need to open the same ports if, say, a workstation was on a different VLAN than the server it authenticates with? Not sure this would happen, but I just wanted to know in the event I run into that.

I have all offices connected via point-to-point T1, switches are all Cisco 3550s, and all servers are Compaq DL series of one flavor or another.

The goal is to open only the ports needed to have the servers talk to each other and keep Active Directory working, allow clients to authenticate and all the other server functions, and block everything else.

Reply to
chart

In article , wrote:
:Question #1
:I have a domain forest in my current WAN. I have been asked to tighten
:up security by implementing ACLs between VLANs. My problem is this.
: I have say office A on VlanA with the main controller and office B on
:VlanB with a child controller. What ports am I going to have to open
:up between those vlans so the two servers can talk to each other and
:keep active directory happy.

In my experience.... "All of them".

Or at least a fine selection of privileged ports (

Reply to
Walter Roberson
