Hey all, thanks for reading.
So the long and the short of it is that I've been tasked with setting up a Windows 2012 VPN server and an FTP for our site. Access to these services would be best done via AD user accounts.
The only way I can really think of doing this safely would be to build a RODC in the DMZ and allow tight restricted connection between it and a single RWDC on the internal network, rather than allowing the VPN and FTP servers to connect though the DMZ to the RWDC's on our internal network.
What are others experiences with this?
Thanks all.
