Guest Jake Posted October 8, 2007 Posted October 8, 2007 Hi, We have a member server with two nics, one connected to Domain-A and the other to Domain-B. No routing is set between the two subnets. Despite this, if I open Windows Explorer / network neigborhood from a workstation in Domain-B I can see Domain-A as a 'workgroup' with many Domain-A workstation names in it. Does this mean that windows propagates such information across doubleNIC servers or would it be caused by Domain-A computers currently (and temporarily) connected to Domain-B? Thanks for comments on this issue jake
Guest Lanwench [MVP - Exchange] Posted October 8, 2007 Posted October 8, 2007 Re: Watertight between two NICs...? Jake <jake44@gmail.com> wrote: > Hi, > > We have a member server with two nics, one connected to Domain-A and > the other to Domain-B. No routing is set between the two subnets. What's the reason for this config, if I might ask? How can your server be a member of two domains? If you want to lock down & protect the two networks from one another, get a router or a switch with VLANs. > > Despite this, if I open Windows Explorer / network neigborhood from a > workstation in Domain-B I can see Domain-A as a 'workgroup' with many > Domain-A workstation names in it. > > Does this mean that windows propagates such information across > doubleNIC servers or would it be caused by Domain-A computers > currently (and temporarily) connected to Domain-B? > > Thanks for comments on this issue > > jake It does sound puzzling to me....you shouldn't be seeing broadcast traffic from another subnet if everything is truly as you describe. Do you use WINS? You might post an unedited ipconfig /all from a workstation in each domain.
Guest Jake Posted October 8, 2007 Posted October 8, 2007 Re: Watertight between two NICs...? Lanwench [MVP - Exchange] skreiv: > Jake <jake44@gmail.com> wrote: >> Hi, >> >> We have a member server with two nics, one connected to Domain-A and >> the other to Domain-B. No routing is set between the two subnets. > > What's the reason for this config, if I might ask? How can your server be a > member of two domains? It is not a member of two domains, but it servers as WSUS server for the two subnets... > It does sound puzzling to me....you shouldn't be seeing broadcast traffic > from another subnet if everything is truly as you describe. Do you use WINS? > You might post an unedited ipconfig /all from a workstation in each domain. I use wins but just for Domain-A's wins server. Both nics are hardcoded ips with each subnet's domain controller as DNS server respectively. jake
Guest DevilsPGD Posted October 8, 2007 Posted October 8, 2007 Re: Watertight between two NICs...? In message <OaB4Q8aCIHA.4712@TK2MSFTNGP04.phx.gbl> Jake <jake44@gmail.com> wrote: >Lanwench [MVP - Exchange] skreiv: >> Jake <jake44@gmail.com> wrote: >>> Hi, >>> >>> We have a member server with two nics, one connected to Domain-A and >>> the other to Domain-B. No routing is set between the two subnets. >> >> What's the reason for this config, if I might ask? How can your server be a >> member of two domains? > >It is not a member of two domains, but it servers as WSUS server for the >two subnets... It sounds like the machine got elected as a master browser on one or both sides. If it's just a WSUS server, killing file and print sharing entirely should probably be more secure, and as a side effect, will probably stop this leak. Just a guess though. -- You can get more with a kind word and a 2x4 than just a kind word.
Recommended Posts