Hi forum,
Any idea how to rebuild access to Microsoft DFS shares?
Every week we run a script to get out anything that changed in the DFS server IP addresses,
but I want it a little bit smarter.
Can I use DNS-based rules for this?
At the moment the rule is the following:
address-group servers {
    address 10.10.20.10
    address 10.10.20.11
    address 10.10.20.12
    address 10.10.20.13
    description "\\myserver\dfsrb\DfsCOM\DIT"
}
rule 12 {
    action accept
    description "dfs shares"
    destination {
        group {
            address-group servers
            port-group fileshare-ports-tcp
        }
    }
    protocol tcp
}
rule 13 {
    action accept
    description "dfs shares"
    destination {
        group {
            address-group servers
            port-group fileshare-ports-udp
        }
    }
    protocol udp
}
port-group fileshare-ports-tcp {
    description "TCP Ports"
    port 88
    port 389
    port 445
    port 464
    port 636
    port 3268
    port 3269
}
port-group fileshare-ports-udp {
    description "UDP Ports"
    port 88
    port 123
    port 389
    port 464
}