Guest JT
Posted April 15, 2008

I have 4 DCs, 2 on each VLAN. My default VLAN, VLAN 0, can communicate with VLAN 1. VLAN 0 has higher security, so clients on VLAN 0 may initiate communication with VLAN 1, but VLAN 1 clients cannot initiate communication to VLAN 0. I have opened firewall ports that allow the DCs on both VLANs to communicate freely.

The issue is, in the PIX log I see that DCs on VLAN 1 try to initiate communication with clients on VLAN 0. Of course this fails. Why do the DCs on VLAN 1 desire to communicate with clients on VLAN 0? I have the DNS for VLAN 0 clients pointed to the DCs on VLAN 0. It is a mystery to me why DCs on VLAN 1 desire to communicate with clients on VLAN 0. Can this be prevented?

Thanks

-- JT