Re: To tri-homed, or not to tri-homed... that is the question
From: Hugh G. Johnson (hughgjohnsonNOT_at_comcast.net)
Date: 01/31/05
- Next message: Dave Nickason [SBS MVP]: "Re: Setting SBS2003 as NTP Time Server"
- Previous message: MCSEGURU: "Re: To tri-homed, or not to tri-homed... that is the question"
- In reply to: Phillip Windell: "Re: To tri-homed, or not to tri-homed... that is the question"
- Next in thread: Phillip Windell: "Re: To tri-homed, or not to tri-homed... that is the question"
- Reply: Phillip Windell: "Re: To tri-homed, or not to tri-homed... that is the question"
- Messages sorted by: [ date ] [ thread ]
Date: Mon, 31 Jan 2005 15:30:48 -0800
Phillip,
Thanks for the response.
Couple of clarifications. We have a LIVE (WS03) server hosted somewhere else
and this "developement" host the same info we have on the live server, so
our jewels are exposed 24/7 already. Maybe I should of said Staging Server?
It's just the site we test prior to pushing content to the live server.
Anyway, we just want the graphic designer, .NET, SQL contractors to be able
to login and make proper edits prior to uploading to the live server.
We actually paid Microsoft $200 to help set this up. I guess we should of
gotten our money back. We told them basically what we're saying here.
Given we want internal users to be able to publish to this server and we
want external users to be able to publish to this server, what would you
suggest we do?
Hugh
"Phillip Windell" <@.> wrote in message
news:eyZMhB%23BFHA.1004@TK2MSFTNGP15.phx.gbl...
> "Hugh G. Johnson" <hughgjohnsonNOT@comcast.net> wrote in message
> news:25idnfkK4JN8OGPcRVn-sA@comcast.com...
>> We have a Development Web Server we want external clients/developers to
>> be
>> able to view and login too, as well as people in our office to publish
> too.
>> We've tried Web Publishing Rules, but are not happy with the results, so
>> we're thinking out side the box (literally.) Would it be foolish to just
>> move the web server to just behind the router so it's on the external
>> side
>
> A "development webserver" implies to me that development code is stored on
> the server. It would be rather unwise to put the "family jewels" out on
> the
> Internet at all in any kind of situation.
>
>> of the ISA server? We could just port forward say say port 81 from the
>> router? Or, is it better to follow MS example of Tri-homed and place a
> third
>> NIC in the ISA box and run this to the Web server?
>
> Tri-Homed require a separate subnet that is *also* a Public set of
> addresses. You can not use Private addresses on the "third-leg". Although
> if you combine it with a Back-to-back DMZ you can "fudge" that. But if
> already have a Back-to-back DMZ then there isn't much point in the
> Tri-homed
> anyway,...just use the DMZ you already have.
>
>> What we didn't like about Web Publishing is we had to create accounts for
>> everyone that wanted to see the web server, and now when we do OWA we
>> have
>> to log in twice before we can view exchange or remote workspace.
>
> No you don't. You can publish an Anonymous Website with ISA just fine.
> Review the "choices" you made during the Publishing process. You must have
> made some wrong choices
>
> --
>
> Phillip Windell [MCP, MVP, CCNA]
> www.wandtv.com
>
>
- Next message: Dave Nickason [SBS MVP]: "Re: Setting SBS2003 as NTP Time Server"
- Previous message: MCSEGURU: "Re: To tri-homed, or not to tri-homed... that is the question"
- In reply to: Phillip Windell: "Re: To tri-homed, or not to tri-homed... that is the question"
- Next in thread: Phillip Windell: "Re: To tri-homed, or not to tri-homed... that is the question"
- Reply: Phillip Windell: "Re: To tri-homed, or not to tri-homed... that is the question"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
