About WINS and browsing

I just have a few questions, regarding my setup.

I have 2 domains, each on a single subnet with a firewall between. I have
setup domain trust from the DMZ domain (call this domain B), so that clients
on the LAN domain (call this domain A) can browse the servers on domain B. I
have not setup WINS yet, so of course network browsing isn't working yet.

Myu question is how should I design WINS installation to this scenario? All
clients on the domain A should browse all servers on domain B, but not the
reverse.
Also, what ports do I need to open in the firewall to allow WINS traffic ? I
guess I only need to open in one direction or do I have to have both
directions open?

My first comment would be that this is a very bad idea. There is a very
good reason for setting up DMZs, and one of them is to prevent access to
your private network from the Internet. One of the best ways destroy the
integrity of that setup is to punch holes in the firewall to allow things
like the Netbios ports, which is what you are doing.


"kjetilw" <(E-Mail Removed)> wrote in message
news:64B3956A-39E1-4352-8163-(E-Mail Removed)...
>I just have a few questions, regarding my setup.
>
> I have 2 domains, each on a single subnet with a firewall between. I have
> setup domain trust from the DMZ domain (call this domain B), so that
> clients
> on the LAN domain (call this domain A) can browse the servers on domain B.
> I
> have not setup WINS yet, so of course network browsing isn't working yet.
>
> Myu question is how should I design WINS installation to this scenario?
> All
> clients on the domain A should browse all servers on domain B, but not the
> reverse.
> Also, what ports do I need to open in the firewall to allow WINS traffic ?
> I
> guess I only need to open in one direction or do I have to have both
> directions open?

Well, like I said, I would like this to be one way only, not both ways. Which
means I would like to access the DMZ from my LAN, but not the other way.


"Bill Grant" wrote:

> My first comment would be that this is a very bad idea. There is a very
> good reason for setting up DMZs, and one of them is to prevent access to
> your private network from the Internet. One of the best ways destroy the
> integrity of that setup is to punch holes in the firewall to allow things
> like the Netbios ports, which is what you are doing.
>
>
> "kjetilw" <(E-Mail Removed)> wrote in message
> news:64B3956A-39E1-4352-8163-(E-Mail Removed)...
> >I just have a few questions, regarding my setup.
> >
> > I have 2 domains, each on a single subnet with a firewall between. I have
> > setup domain trust from the DMZ domain (call this domain B), so that
> > clients
> > on the LAN domain (call this domain A) can browse the servers on domain B.
> > I
> > have not setup WINS yet, so of course network browsing isn't working yet.
> >
> > Myu question is how should I design WINS installation to this scenario?
> > All
> > clients on the domain A should browse all servers on domain B, but not the
> > reverse.
> > Also, what ports do I need to open in the firewall to allow WINS traffic ?
> > I
> > guess I only need to open in one direction or do I have to have both
> > directions open?
>
>