locked
Accessing Private Subnet from public Subnet RRS feed

  • Question

  • Dear Friends

    I have been requested to built  two separated virtual machines and then  install Active directory on both of them, these networks on different subnets one with (10.10.5.0/24 )DC01 and the second VM with (10.10.6.0/24) DC02 and then build one way trust from DC01 to DC02, How can we implement that, considering DC02 on private zone and can't access the Internet but DC01 can Access the Internet?

    Hint: both DC01 and Dc02 on different Domain and different forests.

    Any idea how can we implement that? does it implement in VMWare workstation or in windows server environment??

    Do we have to install more than one LAN cards on DC01?

    Thursday, January 26, 2017 12:05 PM

All replies

  • Hi,

    From my understanding you are creating 2 different domains in two different subnets and want to allow a trust between them. This is possible on single interfaces (LAN cards), however you would need to have firewall rules in place to allow communication between the domains over the trust ports.

    If you are unsure you can find a list of the ports here:

    https://technet.microsoft.com/en-us/library/dd772723(v=ws.10).aspx

    Only ports for the trust communication will be required to be open.


    • Proposed as answer by John Lii Tuesday, February 7, 2017 2:56 AM
    Thursday, January 26, 2017 12:16 PM