I'm trying to setup two domains one in a enterprise network and one in a secure network seperated by a cisco pix, with certain users in the enterprise network accessing the secure via a vpn terminated at the vpn. What I can't figure out how to do is get a trust or some sort of integrated authentication with the windows domain on the secure side. I would like to not open any ports from the enterprise side to the secure side.
I've been able to access the secure resources by ip and manually entering a username/password.
I also have been able to read directory information on the enterprise network via an unvalidated external trust, which lets me add the users' sid. But when I try to access the secure resources it tells me that the trust is not functioning and thus access is denied. I'm running out of ideas here.
My only other guess is to manually enter an sid of a user on the secure side to the history of the enterprise user profile in hopes it will let me access resources. If anyone has any ideas I would greatly appreciate it. I feel like I've been beating my head on the table for about a week now.
--Joe Vernaci
I've been able to access the secure resources by ip and manually entering a username/password.
I also have been able to read directory information on the enterprise network via an unvalidated external trust, which lets me add the users' sid. But when I try to access the secure resources it tells me that the trust is not functioning and thus access is denied. I'm running out of ideas here.
My only other guess is to manually enter an sid of a user on the secure side to the history of the enterprise user profile in hopes it will let me access resources. If anyone has any ideas I would greatly appreciate it. I feel like I've been beating my head on the table for about a week now.
--Joe Vernaci