RODC Implementing under Cisco 3850 L3 Switch & Cyberoam CR300INg (UTM)

Srinivas N
Level 1

Hi Friends,

Please suggest on below setup.

Our setup is: internet links are connected to the UTM device, then the UTM device is connected to the L3 switch (Cisco 3850), then the L3 switch is connected to L2 switches to reach the nodes.

In the UTM device we created one DMZ (20.20.20.0) and one LAN (10.10.10.0) network. And we created multiple VLANs; each VLAN has a separate DHCP pool in the L3 switch.

Here our local server (RODC, 20.20.20.2) will communicate with the domain server via a VPN tunnel from the DMZ, and the nodes will be under the LAN network; these nodes will communicate with the RODC server.

In the above scenario, do I need to do any configuration like LDAP, either on the L3 switch or in the UTM device? Please help me and find the attached connectivity diagram.

Thanks & Regards, Srinivas. N.

Paul Chapman
Level 4

Hi Srinivas -

At a minimum you will need the following ports open between LAN and DMZ: TCP88, UDP88, UDP137-138, TCP139, TCP389, TCP445, TCP636, and TCP3268. Likely you will need more. Generally I advise against putting a firewall between domain clients and DCs due to the large number of ports required and the fact that MS occasionally adds new ports.

Note that you may have trouble authenticating administrative users for the UTM against the RODC as the password field for admins is not replicated to RODCs.

PSC
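A practical follow-up to the reply above, as an added example that is not part of either post: a small Python audit run from a LAN host that parses the port list Paul gives and reports which of the TCP ports actually complete a handshake to the RODC through the UTM. The RODC address 20.20.20.2 comes from the question; the port list is copied from the reply and is not claimed to be complete.

```python
import socket

# Port list exactly as given in the reply above (not exhaustive).
REQUIRED_PORTS = "TCP88, UDP88, UDP137-138, TCP139, TCP389, TCP445, TCP636, TCP3268"


def parse_port_spec(spec):
    """Turn 'TCP88, UDP137-138, ...' into a sorted list of (proto, port) tuples."""
    result = []
    for item in spec.split(","):
        item = item.strip().upper()
        if not item:
            continue
        proto, rng = item[:3], item[3:]
        if proto not in ("TCP", "UDP"):
            raise ValueError(f"unknown protocol in {item!r}")
        lo, _, hi = rng.partition("-")          # 'UDP137-138' -> 137..138
        for port in range(int(lo), int(hi or lo) + 1):
            result.append((proto, port))
    return sorted(set(result))


def tcp_reachable(host, port, timeout=2.0):
    """True if a TCP handshake to host:port completes within timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:                             # refused, timed out, unreachable
        return False


def audit(host, spec=REQUIRED_PORTS, timeout=2.0):
    """Return {(proto, port): 'open' | 'blocked' | 'untested'} for every entry in spec.

    UDP entries are reported as 'untested': a plain UDP socket cannot distinguish
    a firewall drop from a service that simply does not answer, so verify those
    on the UTM rule set / logs instead."""
    status = {}
    for proto, port in parse_port_spec(spec):
        if proto == "TCP":
            status[(proto, port)] = "open" if tcp_reachable(host, port, timeout) else "blocked"
        else:
            status[(proto, port)] = "untested"
    return status


if __name__ == "__main__":
    # Run from a host in the 10.10.10.0 LAN against the RODC in the DMZ.
    for (proto, port), state in audit("20.20.20.2").items():
        print(f"{proto}/{port}: {state}")
```

Anything reported as "blocked" is a rule to add on the UTM before joining clients; anything "untested" (the UDP entries) has to be confirmed from the firewall side.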
