I have a secure site-to-site VPN but when it was set up we locked down all
the ports on the firewalls either end to ensure only traffic we wanted was
going over it.
We now want to open it up (as link speeds have increased) so that domain PCs
(XP Pro SP3) at site can connect back to the DCs at head office (2003 SP2)
as members of the domain - ie. using domain logon, getting their network
drives and logon scripts, group policy enforcement etc.
Speed is not an issue, I just don't know which ports are necessary to open
and don't want to just open everything.