RE: Multiple public ip and pix firewall

Tech-Archive recommends: Fix windows errors by optimizing your registry

Hi John,

Thank you for posting in the public SBS newsgroup.

Based on my knowledge, SBS only requires 1 public IP address. By using the
IP address, SBS will be able to:

- Hold default web site and the companyweb.
- Share network connections and allow internal users to access the internet.
- Hold VPN server role and allow remote VPN connections.
- Publish network services.

To use the above features, you must:

- Forward port 80 and 443 to the SBS server for the default web site
(including OWA, RWW, etc.).
- Forward port 4125 to the SBS server for RWW and then RDP to the
server/clients.
- Forward port 444 to the SBS server for the companyweb publishing.
- Forward port 1723 to the SBS server and enable GRE protocol 47 for PPTP
VPN connection.

To achieve this goal, you must then run the SBS CEICW wizard. (Open Server
Management, click To Do List, and click Connect to the Internet)

Please contact your Router's provider to make sure that you're able to
forward the ports to the SBS server. Otherwise, SBS will not able to be
configured automatically and many features will not work properly.

For multiple public IP addresses, it is not necessary for SBS server.
However, if you have multiple IP addresses, you will be able to hold more
sites and complete other tasks.

I hope the above info helps. If there's anything unclear, please don't
hesitate to let me know.

Regards,

Bill Peng
MCSE 2000, MCDBA
Microsoft CSS Online Newsgroup Support

Get Secure! - www.microsoft.com/security
=====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
>Thread-Topic: Multiple public ip and pix firewall
>thread-index: AcWICwjC/iK9ouXVRfS82l/KbdwVoA==
>X-WBNR-Posting-Host: 207.119.55.28
>From: "=?Utf-8?B?Sm9obg==?=" <John@xxxxxxxxxxxxxxxxxxxxxxxxx>
>Subject: Multiple public ip and pix firewall
>Date: Wed, 13 Jul 2005 17:29:02 -0700
>Lines: 29
>Message-ID: <79BADC12-855A-4C91-8EDB-6128742AF14D@xxxxxxxxxxxxx>
>MIME-Version: 1.0
>Content-Type: text/plain;
> charset="Utf-8"
>Content-Transfer-Encoding: 7bit
>X-Newsreader: Microsoft CDO for Windows 2000
>Content-Class: urn:content-classes:message
>Importance: normal
>Priority: normal
>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
>Newsgroups: microsoft.public.windows.server.sbs
>NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
>Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
>Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:135558
>X-Tomcat-NG: microsoft.public.windows.server.sbs
>
>Using SBS preimium (ISA not installed as of yet)
>
>Needing a solution. Busisiness class broadband and the ISP supplied 5
static
>ip's. Cisco PIX (vendor required as per a service contract for 2 unix
boxes
>for VPN). From what I have read this device can only port forward
1024-65535
>and no host headers.
>
>What I would like. time services needs port udp 123.
>SBS for the users to connect for remote e-mail and remote desk top. two
>member win2k servers with ssl sites for authorized access to those sites.
>(unix boxes push to the win2k boxes)
>
>ports 80 and 443 will overlap between sbs and the win2k's.
>
>open for sugestions.
>
>Possibility one: ISA behing the cisco and set up publishing rules utlizing
>host headers ( would require registering an additional domain.) should the
>ISA nic be in the DMZ?
>
>Posibilty two: Change ports for SBS ports 80 and 443. would require users
to
>enter the port number when connecting.
>
>Posibility three: copy the remote conection executable to a cd and have
the
>users install it on there own computer alogn with instruction to start the
>connection and then use the client remote desktop connection to connect.
>
>Any suggestions on taking advantage of the multiple static ip's? What
would
>be needed?
>

.

Relevant Pages

  • Re: Still cant connect to RWW or OWA remotely
    ... it certainly appears to be something about the SBS configuration. ... Meridian.local Ethernet adapter Local Area Connection: ... Windows SMALL BUSINESS SERVER 2003 Windows IP Configuration ... 192.168.254.254) directly to a port on the router and then ...
    (microsoft.public.windows.server.sbs)
  • Re: Still cant connect to RWW or OWA remotely
    ... it certainly appears to be something about the SBS configuration. ... Meridian.local Ethernet adapter Local Area Connection: ... Windows SMALL BUSINESS SERVER 2003 Windows IP Configuration ... 192.168.254.254) directly to a port on the router and then ...
    (microsoft.public.windows.server.sbs)
  • RE: Remote Access
    ... I do have a router connected to the internet SBS server and port 4125 is ... I have also had the same connection issue on an XP Home box. ...
    (microsoft.public.windows.server.sbs)
  • RE: Configure Hardware Firewall for SBS 2003
    ... the corresponding ports to the SBS box. ... When a router is deployed at the SBS end, you must forward the port numbers ... TCP 110 This port is used for POP3 mail clients. ... TCP 1723 PPTP VPN connection ...
    (microsoft.public.windows.server.sbs)
  • Re: Remote Web Workplace Partially Works
    ... With ISA installed in integrated mode, ... so don't bother looking in there for the filter for port 4125. ... Les Connor [SBS Community Member - SBS MVP] ... > ditto for the Remote Connection Disk but I was looking for straws to grasp ...
    (microsoft.public.windows.server.sbs)