Hey Guys, I need to setup a separate AD forest in our DMZ to accommodate the need for a domain (SQL log shipping, Windows clustering, etc). The issue is that we're using NAT and a Cisco PIX between our production network and the DMZ network. So even though our production network is 172.16.x.x, for example, the DMZ sees these resources as 10.10.x.x.
>From everything I've read, NAT breaks a lot of things, but unfortunately we must use NAT. Anyone have any real world experience with this? Any suggestions would be appreciated. -FDiskThePC __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/