Re: SBS Prem on dual homed system HELP
From: Matt Gibson (mattg_at_blueedgetech.ca)
Date: 02/07/05
- Next message: Dave Nickason [SBS MVP]: "Re: CD drive causes SBS to hang"
- Previous message: D Caldwell: "Any hints & tips for installing LC 2005 Standard?"
- In reply to: chris landman: "Re: SBS Prem on dual homed system HELP"
- Next in thread: chris landman: "Re: SBS Prem on dual homed system HELP"
- Reply: chris landman: "Re: SBS Prem on dual homed system HELP"
- Messages sorted by: [ date ] [ thread ]
Date: Mon, 7 Feb 2005 12:30:03 -0800
Usually at least.
25 - SMTP for incoming mail
443 - HTTPS for OWA
3389 - Terminal Services
I don't have RWW on this server, but that would be port 4125
Matt Gibson - GSEC
"chris landman" <chris landman@lsls.skls> wrote in message
news:utUO6MVDFHA.3888@TK2MSFTNGP09.phx.gbl...
> So I need those three ports open?
>
> --
> Chris Landman
> "Matt Gibson" <mattg@blueedgetech.ca> wrote in message
> news:%23B5QxGODFHA.3376@TK2MSFTNGP12.phx.gbl...
>> Your PIX config should look something like this.
>>
>> (A lot is cut out, this is the stuff for port forwarding.
>>
>> no fixup protocol smtp 25
>> access-list acl_out permit tcp any host 204.50.X.X eq 3389
>> access-list acl_out permit tcp any host 204.50.X.X eq smtp
>> access-list acl_out permit tcp any host 204.50.X.X eq 443
>>
>> Matt Gibson - GSEC
>>
>>
>> "chris landman" <chris landman@lsls.skls> wrote in message
>> news:OJ3CwxMDFHA.4052@TK2MSFTNGP15.phx.gbl...
>> I had that port opened, but could not connect. I use a PIX, so it is a
>> statefull firewall. I wonder if that is stopping it. Is 443 the only
>> port I need to open?
>>
>> --
>> Chris Landman
>> "Cris Hanna [SBS-MVP]" <crisnospamhanna@computingnospampossibilities.net>
>> wrote in message news:Off79sMDFHA.1564@TK2MSFTNGP09.phx.gbl...
>> Ideally port 443 so you can run OWA over SSL
>> http://www.smallbizserver.net/Default.aspx?tabid=83
>>
>>
>> --
>> Cris Hanna [SBS - MVP]
>> ---------------------------------------
>> Please reply only to the newsgroup and not to me directly so that
>> everyone can benefit from the information
>> "chris landman" <chris landman@lsls.skls> wrote in message
>> news:etgaHkMDFHA.3504@TK2MSFTNGP12.phx.gbl...
>> No, both locations are not SBS. The only thing is that I do not want SBS
>> to act as a proxy server. I guess I could just use one NIC and let my
>> PIX do the firewall function. I just wanted an extra layer of security.
>> If I just use an internal NIC, what do I need to forward through the
>> firewall to be able to use OWA?
>>
>> --
>> Chris Landman
>> "Cris Hanna [SBS-MVP]" <crisnospamhanna@computingnospampossibilities.net>
>> wrote in message news:uUes7BJDFHA.520@TK2MSFTNGP09.phx.gbl...
>> Christopher
>> You should absolutely visit www.smallbizserver.net and check out the
>> information on configurations there
>>
>> ISA is designed to protect the internal network by acting as a firewall
>> on the external nic. The external facing nic (in your case the one that
>> would connect to your PIX) must be a on different subnet from your
>> internal nic
>>
>> I'm not sure why you considering adding another level of complexity to
>> your setup. You have a hardware firewall protecting each internal
>> network. You could of course increase the protection by adding ISA. But
>> you need to do a little studying and you would be making some big changes
>> to your existing networks on both and you could be looking at some down
>> time.
>>
>> Are both locations SBS ?
>>
>> --
>> Cris Hanna [SBS - MVP]
>> ---------------------------------------
>> Please reply only to the newsgroup and not to me directly so that
>> everyone can benefit from the information
>> "CHRISTOPHER LANDMAN" <clandman@email.uophx.edu> wrote in message
>> news:uerpMsIDFHA.2676@TK2MSFTNGP12.phx.gbl...
>> I am tiring to setup a SIBS with two nic cards. The IP address scheme
>> inside the network is 192.168.1.x at the first site and 192.168.5.x at
>> the second site. We have a VPN that connects the two. Our PIX firewall
>> handles the VPN. (PIX to PIX) I would like to get an inside and an
>> outside nic going. I would like to use private IPs for both of them and
>> forward traffic to the outside nic to handle clients outside the network.
>> Both sites will use the inside nic for Exchange and DC. Can you tell me
>> how to set the nic cards on the server and what to use on the clients?
>> Is there a better way of doing this. I do not want the external nic to
>> have a public IP address. Could I use an IP address in the 192.168.1.x
>> subnet (same subnet as my inside nic at site one)? I am going to set ISA
>> server up once I get this problem taken care of..although, I do not want
>> my clients to use ISA as a proxy server. Also, once I install ISA
>> server, what do I need to do to make sure replication can occur between
>> DCs. Is it possible to only implement ISA on the outside nic?
>>
>>
>> Thanks,
>>
>> --
>> Chris Landman
>>
>
>
- Next message: Dave Nickason [SBS MVP]: "Re: CD drive causes SBS to hang"
- Previous message: D Caldwell: "Any hints & tips for installing LC 2005 Standard?"
- In reply to: chris landman: "Re: SBS Prem on dual homed system HELP"
- Next in thread: chris landman: "Re: SBS Prem on dual homed system HELP"
- Reply: chris landman: "Re: SBS Prem on dual homed system HELP"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
