Anyone by chance replicating AD using a NAT firewall with IPSec?
My ISP is blocking ports tcp/udp 135-139 which is used for RPC AD replication.
I can use IPSec for AD replication but in searching out the process, I'm reading from Microsoft that it won't replicate correctly over NAT-based routers.
I can disable the NAT, but that just doesn't work for me. I'm thinking about trying it out in the DMZ to see if that will bypass the NAT instead.
Anyone else trying this or have any thoughts on it?
In the mean time, I'm going to continue searching on it.
Riser
I keep forgetting how my new network is setup. I'm using my friend's D-Link Wireless G Router.. I haven't really looked at it's config options, but I know my linksys router has the option to allow IPSec Passthrough. If his router doesn't allow that, I'll just put my router in place, use his as an AP attached to mine and be done with it.
I like solving my own problems and posting in a forum so everyone can watch me answer my own stupid questions. hah.
Riser
<P ID="edit"><FONT SIZE=-1><EM>Edited by riser on 04/21/05 11:48 AM.</EM></FONT></P>
My ISP is blocking ports tcp/udp 135-139 which is used for RPC AD replication.
I can use IPSec for AD replication but in searching out the process, I'm reading from Microsoft that it won't replicate correctly over NAT-based routers.
I can disable the NAT, but that just doesn't work for me. I'm thinking about trying it out in the DMZ to see if that will bypass the NAT instead.
Anyone else trying this or have any thoughts on it?
In the mean time, I'm going to continue searching on it.
Riser
I keep forgetting how my new network is setup. I'm using my friend's D-Link Wireless G Router.. I haven't really looked at it's config options, but I know my linksys router has the option to allow IPSec Passthrough. If his router doesn't allow that, I'll just put my router in place, use his as an AP attached to mine and be done with it.
I like solving my own problems and posting in a forum so everyone can watch me answer my own stupid questions. hah.
Riser
<P ID="edit"><FONT SIZE=-1><EM>Edited by riser on 04/21/05 11:48 AM.</EM></FONT></P>