Hi all

I am working at a school and have a strange problem which i have lost all my brain knowledge over now.
Brief setup
Site 1 - Admin - 10.12.106.0 - 255.255.255.0
Curriculum - 10.12.108.0 - 255.255.255.0
Site 2 - 10.13.156.0 - 255.255.252.0

Way this is setup is, admin should be able to access curriculum network but curriculum cant access admin network. I can ping both networks i can RDP to both networks from my admin machine. But before when i use to from admin machine browse to a share in
curriculum i was in instantly, now i get access is denied and have to log in. It seems its not authenticating using the admin details. same for printers, they are all on 108 subnet but 106 cant access it. Can someone tell me what to look for? i am losing hair
over this now. thanks in advance
we have had a new internet service provider recently and they have replaced firewall. They say everything is fine from there side, the ports are open. as i said i can RDP across both sites but just cant seem to access resources. Not sure if its DNS issue
or still firewall issue.

Need to support users over the internet? click here try our remote control online beta

Are these all part of the same domain? When there is a firewall in between domain subnets, for authentication to work, the accessed machine must be able to connect to a domain controller. Here is a link to the ports required by AD via a firewall:

http://support.microsoft.com/kb/179442

Note that the RPC ports are dynamic by default (the same with Exchange), so to make this work through a firewall, you must define (or restrict) which ports to use, here is the article on how to do that:

http://support.microsoft.com/kb/224196

Check with your ISP and make sure these are open in the new firewall, they may have opened the ports for RDP and are allowing ICMP, but did not open NBT, SMB, DNS, LDAP, etc...

Need to support users over the internet? click here try our remote control online beta

Hello
Try telnet from 10.12.106.0 to 10.12.108.0 on port 53,389,139,138,3268,445
if it goes well then there are least chance that issue from firewall
Also try recalling any immediate infrastructure change/upgrade

Hope it helps __________________________ Best regards Sarang Tinguria MCP, MCSA, MCTS Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

There is an amazing pack of free network admin tools. click here to download it

Hi,

Thanks for posting here.

What about the topologic ? The new replaced firewall, is this device act as a router device and connects with both admin and curriculum subnets?
Were we still about to access these resources after input the proper credentials (domain admin)?

Thanks.

Tiger LiTiger Li
TechNet Community Support

Need to support users over the internet? click here try our remote control online beta