Given is the following network setup:
┌192.168.1.10 Windows Server (WAN)
│
└192.168.1.100 Router (WAN)
192.168.0.1 Router (LAN)
│
└192.168.0.x Windows Client (LAN)
WAN area: 192.168.1.x.
LAN area: 192.168.0.x.
Those areas are separated by the router.
As you can see the Client is located in the LAN area, and connected to the WAN area through a router. The Server is located at the WAN area. What I want to do is enable the Client (which is running Windows 7) to do authentication via Kerberos with the Server (Windows Server 2003).
Many websites telling me I need to enable TCP und UDP port 88 in the router firewall to use Kerberos. Of course, this only makes sense if the server is behind a firewall. But in this case the client(s) is (are) behind a firewall.
I tried to use the lmhosts-file on the client to specify the IP addresses of my Windows Server, but it doesn't work. I am able to do the windows logon on my client using the domain user and password. But when I want to access a network share, for example, I get an error message and I am prompted to do the authentication again.
My question: What configuration do I need to authenticate to the Windows Domain correctly and use the network share without having to re-authenticate?
