Re: SBS Prem on dual homed system HELP
From: chris landman (landman_at_lsls.skls)
Date: 02/07/05
- Next message: Dave Bunch: "SBS 2003/Exchange 2003 Currently POP wanting to move to SMTP"
- Previous message: Chad A. Gross [SBS MVP]: "Re: Loss of connection"
- In reply to: Matt Gibson: "Re: SBS Prem on dual homed system HELP"
- Next in thread: Matt Gibson: "Re: SBS Prem on dual homed system HELP"
- Reply: Matt Gibson: "Re: SBS Prem on dual homed system HELP"
- Messages sorted by: [ date ] [ thread ]
Date: Mon, 7 Feb 2005 14:26:10 -0600
So I need those three ports open?
-- Chris Landman "Matt Gibson" <mattg@blueedgetech.ca> wrote in message news:%23B5QxGODFHA.3376@TK2MSFTNGP12.phx.gbl... > Your PIX config should look something like this. > > (A lot is cut out, this is the stuff for port forwarding. > > no fixup protocol smtp 25 > access-list acl_out permit tcp any host 204.50.X.X eq 3389 > access-list acl_out permit tcp any host 204.50.X.X eq smtp > access-list acl_out permit tcp any host 204.50.X.X eq 443 > > Matt Gibson - GSEC > > > "chris landman" <chris landman@lsls.skls> wrote in message > news:OJ3CwxMDFHA.4052@TK2MSFTNGP15.phx.gbl... > I had that port opened, but could not connect. I use a PIX, so it is a > statefull firewall. I wonder if that is stopping it. Is 443 the only > port I need to open? > > -- > Chris Landman > "Cris Hanna [SBS-MVP]" <crisnospamhanna@computingnospampossibilities.net> > wrote in message news:Off79sMDFHA.1564@TK2MSFTNGP09.phx.gbl... > Ideally port 443 so you can run OWA over SSL > http://www.smallbizserver.net/Default.aspx?tabid=83 > > > -- > Cris Hanna [SBS - MVP] > --------------------------------------- > Please reply only to the newsgroup and not to me directly so that everyone > can benefit from the information > "chris landman" <chris landman@lsls.skls> wrote in message > news:etgaHkMDFHA.3504@TK2MSFTNGP12.phx.gbl... > No, both locations are not SBS. The only thing is that I do not want SBS > to act as a proxy server. I guess I could just use one NIC and let my PIX > do the firewall function. I just wanted an extra layer of security. If I > just use an internal NIC, what do I need to forward through the firewall > to be able to use OWA? > > -- > Chris Landman > "Cris Hanna [SBS-MVP]" <crisnospamhanna@computingnospampossibilities.net> > wrote in message news:uUes7BJDFHA.520@TK2MSFTNGP09.phx.gbl... > Christopher > You should absolutely visit www.smallbizserver.net and check out the > information on configurations there > > ISA is designed to protect the internal network by acting as a firewall on > the external nic. The external facing nic (in your case the one that > would connect to your PIX) must be a on different subnet from your > internal nic > > I'm not sure why you considering adding another level of complexity to > your setup. You have a hardware firewall protecting each internal > network. You could of course increase the protection by adding ISA. But > you need to do a little studying and you would be making some big changes > to your existing networks on both and you could be looking at some down > time. > > Are both locations SBS ? > > -- > Cris Hanna [SBS - MVP] > --------------------------------------- > Please reply only to the newsgroup and not to me directly so that everyone > can benefit from the information > "CHRISTOPHER LANDMAN" <clandman@email.uophx.edu> wrote in message > news:uerpMsIDFHA.2676@TK2MSFTNGP12.phx.gbl... > I am tiring to setup a SIBS with two nic cards. The IP address scheme > inside the network is 192.168.1.x at the first site and 192.168.5.x at the > second site. We have a VPN that connects the two. Our PIX firewall > handles the VPN. (PIX to PIX) I would like to get an inside and an > outside nic going. I would like to use private IPs for both of them and > forward traffic to the outside nic to handle clients outside the network. > Both sites will use the inside nic for Exchange and DC. Can you tell me > how to set the nic cards on the server and what to use on the clients? Is > there a better way of doing this. I do not want the external nic to have > a public IP address. Could I use an IP address in the 192.168.1.x subnet > (same subnet as my inside nic at site one)? I am going to set ISA server > up once I get this problem taken care of..although, I do not want my > clients to use ISA as a proxy server. Also, once I install ISA server, > what do I need to do to make sure replication can occur between DCs. Is > it possible to only implement ISA on the outside nic? > > > Thanks, > > -- > Chris Landman >
- Next message: Dave Bunch: "SBS 2003/Exchange 2003 Currently POP wanting to move to SMTP"
- Previous message: Chad A. Gross [SBS MVP]: "Re: Loss of connection"
- In reply to: Matt Gibson: "Re: SBS Prem on dual homed system HELP"
- Next in thread: Matt Gibson: "Re: SBS Prem on dual homed system HELP"
- Reply: Matt Gibson: "Re: SBS Prem on dual homed system HELP"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
