[Freeipa-users] FreeIPA DMZ topology
Baird, Josh
jbaird at follett.com
Wed Oct 7 17:18:48 UTC 2015
I'm also interested in how people are handling this - especially when using AD Trusts.
When using a trust, the IPA host not only has to communicate with IPA servers, but with potentially every AD domain controller in your HUB site. For us, this is a large number of domain controllers which means we would need a large number of ACL's on our firewalls to permit the IPA DMZ client access to the AD domain controllers.
Any suggestions?
Thanks,
Josh
From: freeipa-users-bounces at redhat.com [mailto:freeipa-users-bounces at redhat.com] On Behalf Of Aly Khimji
Sent: Wednesday, October 07, 2015 1:12 PM
To: freeipa-users at redhat.com
Subject: [Freeipa-users] FreeIPA DMZ topology
Hey guys,
Question for you, would having a replica be the ideal solution for authorizing hosts in a DMZ?
Do you have any use cases for DMZ access/authorization or topologies you can share for DMZ zones where FreeIPA is used?
Aly
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20151007/88663974/attachment.htm>
More information about the Freeipa-users
mailing list