Win2003 IP blocking

Simple question, hopefully get a simple answer:

I have a server on AD. On that server I would like to only allow IP connections from 2 other servers to that server, but still would like AD related traffic to come through from the domain servers. How do I do it?

I thought about using "Routing and Remote Access" and just use the "Basic Firewall" portion of it. Is that the way to go? If I only specify 2 IPs to come in, how do I still allow for MS AD specific traffic to come in? There must be a gazillion MS ports to configure.

Thx in advance.

Reply to
me

Reply to
William L. Sun

It sounds like your servers are not on the same network. If that's the case, then just do a site-to-site VPN.

If they are on the same network, and you're trying to isolate a web server from your network, don't do it - remove the web server from the AD structure and put it in a different network, called a DMZ, so that once it gets hacked there is no easy path to the domain accounts.

Reply to
Leythos

Good advice...

Michael

Reply to
Michael Pelletier
