Re: PIX FireWall and SBS
From: Marina Roos [SBS-MVP] (marina_at_roos.nodontwantspam.nl.com)
Date: 02/19/05
- Next message: David Copeland [MSFT]: "Re: Second 2003 Exchange server in SBS domain"
- Previous message: Marina Roos [SBS-MVP]: "Re: PIX FireWall and SBS"
- In reply to: Duane Murphy: "Re: PIX FireWall and SBS"
- Next in thread: Duane Murphy: "Re: PIX FireWall and SBS"
- Messages sorted by: [ date ] [ thread ]
Date: Sat, 19 Feb 2005 20:43:36 +0100
And it wasn't down for 2 days, just a bit more than 24 hours. Sorry about
the inconvenience.
-- Regards, Marina Microsoft SBS-MVP One of the Magical M&M's "Duane Murphy" <duane@m-i-s.com> schreef in bericht news:%23kpZzorFFHA.560@TK2MSFTNGP15.phx.gbl... > I have tried opening the website for 2 days now and it seems to be dead. Any > alternate address to get the mentioned informaiton? > > "Stuart Mackie [MCSE MCSA]" <newsgroups@--REMOVE_THIS-NO_SPAM--stu.uk.com> > wrote in message news:%23OGmfXbFFHA.2676@TK2MSFTNGP12.phx.gbl... > > Hi Duane. I would advise using the dual nic setup with SBS2k3 and the > > PIX. Its unfortunate you are unable to use ISA since you will have no way > > in controlling access to the internet. www.smallbizserver.net has example > > network configurations for two nics and a router which will show the IP > > requirements. You server would be configured to use the PIX as a gateway, > > and the workstations would use the server internal nic as a gateway. > > > > PIX -- Server Ext Nic > > | > > Server Int Nic -- Switch -- Workstations > > > > > > To configure your PIX for use with a DSL PPoE DHCP connection use the > > commands below in CONFIG mode : > > > > ip address outside pppoe setroute > > ip address inside 192.168.1.1 255.255.255.0 > > vpdn group ISP request dialout pppoe > > vpdn group ISP ppp authentication pap > > vpdn group ISP localname [dsl-username] > > vpdn username [dsl-username] password [dsl-password] > > > > global (outside) 1 interface > > nat (inside) 1 192.168.1.1 255.255.255.0 0 0 > > > > > > Replace the dsl-username and dsl-password with appropriate details from > > your ISP. The IP addresses referring to the internal side of the PIX may > > also need to change depending on what you are currently using. > > > > If Earthlink do not use PPoE the configuration above won't be usable. > > > > > > If you would like to post your current configuration before making any > > changes I will post the list of commands to use rather than just the whole > > configuration ? (at the CLI type 'show running' remove any usernames or > > passwords before posting) > > > > -- > > Hth, > > Stuart Mackie > > www.stu.uk.com > > MCSA: & MCSE: Security > > > > > > "Duane Murphy" <DuaneMurphy@discussions.microsoft.com> wrote in message > > news:954C5DBA-D5C8-4509-BC17-65D7370C6028@microsoft.com... > >> We have a single NIC in the server. > >> The dsl as I understand in ethernet in, provided by Earthlink. (Will > >> verify > >> more Friday AM when I confrence with the installing engineer of the DSL) > >> Most of the configureation has been done via the Web Interface. I have no > >> issue with the CLI if I know what commands to issue. > >> > >> "Stuart Mackie [MCSE MCSA]" wrote: > >> > >>> Hi Duane. Cisco Support is absolutely great, but I'm a little unsure if > >>> they haven't misunderstood your problem. As far as I understand a PIX > >>> can > >>> handle a dynamic external IP without having to act as DHCP for the > >>> internal > >>> network. > >>> > >>> Can you provide more information on how many network cards you have in > >>> your > >>> server, and the configuration requirements of your DSL line such as PPoE > >>> or > >>> PPoA etc ? Also, how are you configuring the PIX, through the web > >>> interface > >>> or via the CLI ? > >>> > >>> -- > >>> Hth, > >>> Stuart Mackie > >>> www.stu.uk.com > >>> MCSA: & MCSE: Security > >>> > >>> > >>> "Duane Murphy" <DuaneMurphy@discussions.microsoft.com> wrote in message > >>> news:EA2B62F5-CE8C-4696-9994-DB6D2D3831AE@microsoft.com... > >>> > We have a single DSL connection terminating to a Cisco PIX box with a > >>> > Dymanic > >>> > IP on the out side, and according to Cisco need to provide DHCP to all > >>> > inside > >>> > machines (2 workstations & 1 Win2K3 Single honed Server) > >>> > > >>> > When I let the PIX box provide DHCP the everybody can see the internet > >>> > and > >>> > initially the Win2K3 server via IP. We can NOT see the MyCompany > >>> > Website, > >>> > and > >>> > we see delays when trying to open documents 3-4 minutes. > >>> > > >>> > When we Enable DHCP on the Win2k3 server we can access the MyCompany > >>> > Website, and docs seem to open imeadietely, however we lose access to > >>> > the > >>> > web. > >>> > > >>> > Cisco tells me that because of the Dynamic IP on the outside of the > >>> > Firewall > >>> > it must provide DHCP to the internal stations, or the firewall block > >>> > traffice > >>> > from going out. We have put in a request for a Static IP but that will > >>> > not > >>> > be > >>> > provisioned for up to 3 weeks. > >>> > > >>> > Any suggestions? I was told maybe an entry in the host file on the XP > >>> > workstations pointing back to the Win2K3 server? > >>> > > >>> > Thanks Duane > >>> > >>> > >>> > > > > > >
- Next message: David Copeland [MSFT]: "Re: Second 2003 Exchange server in SBS domain"
- Previous message: Marina Roos [SBS-MVP]: "Re: PIX FireWall and SBS"
- In reply to: Duane Murphy: "Re: PIX FireWall and SBS"
- Next in thread: Duane Murphy: "Re: PIX FireWall and SBS"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
