Using SA4500 to access another domain

Philcol76_
Occasional Contributor

Hi All,

 

I have been tasked with using our corporate SA4500s to access another network domain which has been set up. The SAs reside on the corporate network and are used primarily for accessing the corporate resources. The new domain has been segregated off with their own AD etc. and we would like to utilise the corporate SAs instead of purchasing another one for what is likely to be very limited traffic.

I know we can configure the SA to do an LDAP query against the new domain, which will entail the opening of the firewall for port 389 and a route will need to be put in place between the networks. My question is, does anyone know of any best practices for this setup or does anyone know/see any potential risks/issues with this?

 

Any feedback will be gratefully received as I'm a bit doubtful about how this is going to work and worried about causing a potential security risk.

 

Regards

 

Phil

1 REPLY
spuluka
Super Contributor

Re: Using SA4500 to access another domain

I have generally set this up using a separate URL, login page and a unique address pool for each of the domains on the same box. This generally gives me enough separation to write both the ACL on the resources and the firewall rules out of the DMZ for the separate domains.

Steve Puluka BSEET - IP Architect - DQE Communications Pittsburgh, PA (Metro-Ethernet & ISP) - http://puluka.com/home
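
An added example, not part of the thread or from either poster: a small audit of the per-domain address pool separation described in the reply, checking that pools do not overlap and that no permit rule out of the DMZ lets one domain's pool reach the other domain's resources. The domain names, address ranges and rule format are all hypothetical.

```python
import ipaddress
from itertools import combinations

# Constructed sample data: domain names and all address ranges are hypothetical.
POOLS = {  # VPN address pool handed out per domain
    "corporate": "10.10.0.0/24",
    "newdomain": "10.20.0.0/24",
}
RESOURCES = {  # internal networks each domain's users may reach
    "corporate": ["172.16.0.0/16"],
    "newdomain": ["192.168.50.0/24"],
}
RULES = [  # permit rules out of the DMZ: (source, destination, port)
    ("10.10.0.0/24", "172.16.0.0/16", 443),
    ("10.20.0.0/24", "192.168.50.0/24", 443),
    ("10.0.0.0/8", "192.168.50.0/24", 443),  # source wider than one pool
]

net = ipaddress.ip_network


def overlapping_pools(pools):
    """Return pairs of domains whose address pools overlap."""
    return [(a, b) for a, b in combinations(sorted(pools), 2)
            if net(pools[a]).overlaps(net(pools[b]))]


def cross_domain_rules(pools, resources, rules):
    """Return (rule, pool_domain, resource_domain) for every permit rule
    that lets one domain's pool reach another domain's resources."""
    findings = []
    for rule in rules:
        src, dst = net(rule[0]), net(rule[1])
        for pool_dom, pool in pools.items():
            if not src.overlaps(net(pool)):
                continue  # rule does not apply to this domain's clients
            for res_dom, nets in resources.items():
                if res_dom != pool_dom and any(dst.overlaps(net(n)) for n in nets):
                    findings.append((rule, pool_dom, res_dom))
    return findings


if __name__ == "__main__":
    print("overlapping pools:", overlapping_pools(POOLS))
    for rule, pool_dom, res_dom in cross_domain_rules(POOLS, RESOURCES, RULES):
        print(f"{rule}: {pool_dom} pool can reach {res_dom} resources")
```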