
Windows 2000 - inside to DMZ.

rgnwcco
Level 1

I have a few copy scripts that run on a Windows 2000 server on the inside network. These scripts copy files from a server on the DMZ to the inside server and vice versa. Do I need to use an ACL, or can I just use a nat/global command, as all traffic is being initiated from the inside? If I have to use an ACL, which ports should I open? I have Windows 2003 Active Directory.

1 Reply

gfullage
Cisco Employee

If the traffic is always initiated from the inside server, then all you need is a nat/global command.

You did mention, however, that files are copied in both directions, so if the DMZ server is initiating a file copy, it would need to be as part of the same TCP/UDP connection. Not sure how Windows would handle that, though.

The easiest way to test it is to see if it works first. If it does, then great. If not, then enable syslogging on the PIX and look for deny messages from the DMZ server to the inside server; this will show you what type of ACL you need to apply to the dmz interface.
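
An added example, not part of the original thread, of the log review suggested in the reply: it tallies the denied protocol/port pairs from the DMZ server to the inside server so the ACL can be limited to exactly those flows. It assumes PIX syslog messages 106001, 106006 and 106023 in their usual text form; the sample lines, addresses and ACL name are constructed.

```python
import re
from collections import Counter

# Constructed sample log (addresses, ports and the ACL name are made up).
SAMPLE_LOG = """\
Mar 01 2004 10:15:01: %PIX-2-106001: Inbound TCP connection denied from 192.168.2.10/1045 to 10.1.1.20/445 flags SYN on interface dmz
Mar 01 2004 10:15:04: %PIX-2-106001: Inbound TCP connection denied from 192.168.2.10/1045 to 10.1.1.20/445 flags SYN on interface dmz
Mar 01 2004 10:15:09: %PIX-2-106006: Deny inbound UDP from 192.168.2.10/137 to 10.1.1.20/137 on interface dmz
Mar 01 2004 10:15:12: %PIX-4-106023: Deny tcp src dmz:192.168.2.10/1046 dst inside:10.1.1.20/139 by access-group "dmz_in"
Mar 01 2004 10:15:20: %PIX-2-106001: Inbound TCP connection denied from 203.0.113.7/4000 to 10.1.1.20/80 flags SYN on interface outside
"""

PATTERNS = [
    # 106001: inbound TCP connection denied (nothing permits it)
    re.compile(r"%PIX-\d-106001: Inbound (?P<proto>TCP) connection denied from "
               r"(?P<src>[\d.]+)/\d+ to (?P<dst>[\d.]+)/(?P<dport>\d+) "
               r"flags .*? on interface (?P<ifc>\S+)"),
    # 106006: inbound UDP denied
    re.compile(r"%PIX-\d-106006: Deny inbound (?P<proto>UDP) from "
               r"(?P<src>[\d.]+)/\d+ to (?P<dst>[\d.]+)/(?P<dport>\d+) "
               r"on interface (?P<ifc>\S+)"),
    # 106023: packet denied by an ACL bound with access-group
    re.compile(r"%PIX-\d-106023: Deny (?P<proto>\w+) src (?P<ifc>\S+?):"
               r"(?P<src>[\d.]+)/\d+ dst \S+?:(?P<dst>[\d.]+)/(?P<dport>\d+)"),
]

def denied_flows(log_text, interface, src_ip, dst_ip):
    """Count denied (protocol, destination port) pairs for one host pair
    arriving on the given interface."""
    flows = Counter()
    for line in log_text.splitlines():
        for pat in PATTERNS:
            m = pat.search(line)
            if m and (m["ifc"], m["src"], m["dst"]) == (interface, src_ip, dst_ip):
                flows[(m["proto"].lower(), int(m["dport"]))] += 1
                break
    return flows

if __name__ == "__main__":
    result = denied_flows(SAMPLE_LOG, "dmz", "192.168.2.10", "10.1.1.20")
    for (proto, port), hits in sorted(result.items()):
        print(f"{proto}/{port}: {hits} denied")
```

Each protocol/port pair it reports is a candidate permit entry for the ACL on the dmz interface, scoped to the DMZ server as source and the inside server as destination.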