Been there. You really need a syslog server to figure this out. W2k must have tcp 135 445 123 88 gt1024 and udp 137 139 88 53. The syslog will tell you exactly what you need. Kiwi makes a very good free one
-----Original Message----- From: Fei Yang [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 14, 2002 3:57 PM To: [EMAIL PROTECTED] Subject: Windows domain logon through PIX firewall I have a PIX 525 with a DMZ. There's a Windows 2000 workstation in DMZ and it is a member of the domain in the inside network. However, this Win2000 workstation cannot logon to the domain because of the PIX firewall, even when I opened the whole IP port to DMZ. Is there any special port or configuration I should do on the PIX, or on the Windows 2000 PDC? Thanks in advance, Fei Yang Network Specialist SOS _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
