Domain members not behind firewall can't reach DC

We have a small network containing two Win2000 DCs and workstations in different locations. Due to massive intrusion attacks, we have put the DCs and some workstations behind a firewall (NETgear FR328). The problem is that the domain member computers that are not behind the firewall don't reach the DC. According to Microsoft, I should either open a number of ports on the firewall or use PPTP and GRE 47 protocol. What is your suggestion? How do you use PPTP and GRE in this context? Thanks in advance.
The best solution to this problem is to use a VPN for access. The VPN can be PPTP (which will use GRE) or L2TP/IPsec. You will need to configure Routing and Remote Access Services (RRAS) on a server in the domain and conjure VPN clients. You can use built-in software in Windows clients to create a VPN.
This was first published in October 2003

Dig Deeper on Network intrusion detection and prevention and malware removal



Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.



Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:



  • VDI assessment guide

    Wait! Don't implement VDI technology until you know your goals and needs. A VDI assessment should consider the benefits of a VDI ...

  • Guide to calculating ROI from VDI

    Calculating ROI from VDI requires a solid VDI cost analysis. Consider ROI calculation models, storage costs and more to determine...

  • Keep the cost of VDI storage under control

    Layering, persona management tools and flash arrays help keep virtual desktop users happy and VDI storage costs down.