Hi There,
I'm looking to deploy DA with Server 2012 R2 and Win 7 clients. I want to use 6to4, Teredo and IP-HTTPS but I'm a little confused about the firewall config required. Our firewall is administered by a third party so I need to submit a set of rules for DA functionality.
The Firewall admins have created a DMZ for me with two consecutive public IP addresses - I'll plug the external interface of the DA server to that. The other interface of the DA server will be connected to a switch on the internal network which is itself connected to the internal interface of the same firewall. With this config it makes a domain joined machine contactable from the internet which I really don't like but I guess there is no way round this, is there?
With this config is this what my firewall rules should look like?
Protocol   Source               Destination          Port
6to4       Internet             External NIC of DA   41 (destination)
6to4       External NIC of DA   Internet             41 (destination)
Teredo     Internet             External NIC of DA   3544 (destination)
Teredo     External NIC of DA   Internet             3544 (source)
IP-HTTPS   Internet             External NIC of DA   443 (destination)
IP-HTTPS   External NIC of DA   Internal             443 (source)
Also, when publishing the external DNS host name do I use just the first public IP address only?