Re: VPN Port
- From: "scalhoon" <scalhoon@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 17 May 2005 06:28:04 -0700
Yes, Marina is absolutely correct, ditch the DMZ and remove the wireless
router from in front of SBS if you have ISA properly configured. If you don't
have ISA, I sure hope you have something protecting your box, as it was
probably rooted in about 30 seconds once it was put in the DMZ. Pray you at
least had 2003 SBS with windows firewall enable. Otherwise that’s not your
server anymore.
Again, unless you have ISA or an equivalent, don't put your server in the
DMZ of a cheap hardware firewall. The DMZ for those cheap routers is just as
tough and nasty of a place as a direct internet connection, as the DMZ
usually forwards all traffic inward to the IP you specify.
I realize I should have been clearer in my first post when I said, "I
imagine you do use ISA to publish your web services such as RWW, etc. If not
I highly recommend you use it over a wireless router." I should have said
this instead, "If not I highly recommend you use it INSTEAD of a wireless
router", so there was less confusion. That was the intention I was trying to
convey.
I assumed you had ISA on your server acting as protection since you put
the server in the DMZ. But now it sounds like you don't. Putting an
unprotected server in the DMZ didn't even enter my head as a possibility as
it is akin to suicide. If you don't have ISA, Windows Firewall, etc.., I
would get my server the heck out of the DMZ NOW! Don't forget to take at
least 3 back-to-back hot showers with plenty of soap to try and wash that raw
Internet scum off, lol. I would seriously look for any intrusion attempts
after that and possibly consider a reinstall.
If you didn't have protection, once you fix the SBS machine, put it back
as an internal host and configure port forwarding for the services you wanted
to publish.
If you do have ISA, sweet, set it up, and get that cheap router out of the
way and let the VPN goodness begin.
"Marina Roos [SBS-MVP]" wrote:
> Hi Mike,
>
> Bad idea to put the sbs in the DMZ.
>
> How do I configure the server for Remote Access?:
> http://www.smallbizserver.net/Default.aspx?tabid=133
>
> --
> Regards,
>
> Marina Roos
> Microsoft SBS-MVP
> One of the Magical M&M's
> www.smallbizserver.net
> Take part in SBS forum:
> http://www.smallbizserver.net/Default.aspx?tabid=53
>
> "Mike" <mike@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> schreef in bericht
> news:%23xSp5CmWFHA.616@xxxxxxxxxxxxxxxxxxxxxxx
> > I have a Router in front of my SBS box (to allow wireless access outside
> the
> > network) and currently have listed the SBS IP in the DMZ. RWW works but
> the
> > VPN doesn't. I am not sure if the VPN went down before the router was
> > installed and is due to another issue.
> >
> > If the SBS box is listed to be in the DMZ of the router, should the VPN
> work
> > or do I need to port the router?
> >
> > What is the VPN port?
> >
> > Mike
> >
> >
>
>
>
.
- Follow-Ups:
- Re: VPN Port
- From: Mike
- Re: VPN Port
- From: Mike
- Re: VPN Port
- References:
- VPN Port
- From: Mike
- Re: VPN Port
- From: Marina Roos [SBS-MVP]
- VPN Port
- Prev by Date: Re: Clients cannot access external internet - server can - Please Help
- Next by Date: RE: Publishing Companyweb on the Internet
- Previous by thread: Re: VPN Port
- Next by thread: Re: VPN Port
- Index(es):
Relevant Pages
|
