Re: Firewall *basic* SBS 2003: routing to inside server on different external IP address pool

Tech-Archive recommends: Fix windows errors by optimizing your registry

Hi Larry. Thanks for the thought. I should have been clear as to all
the reasons I want this.

The SQL developer is telling me we need port 443 SSL for his SQL
server. He needs to run SQL reporting functions over SSL and wants
port 443.

The SBS server needs to stay on 443 for OWA.

So we need to have two separate IIS servers and both both on the same
port.

I don't know of an easier way to make this happen than putting another
IP address in place but if I can learn something new quickly that
would be great.

Thanks again.



On Mar 11, 3:08 pm, "Larry Struckmeyer" <lstruckmeyer(at)mis-
wizards(dot)com> wrote:
Hi:

Any reason why you don't use either RWW or hardware to hardware VPN, or in
the case of traveling employees, software to hardware vpn, plus RDP?  In the
case of RWW you have access to lots more than just the TS, and in the next
two cases you have one click RDP.

Putting your TS on a separate network is unnecessary.

--
Larry

<pclspo...@xxxxxxxxx> wrote in message

news:76fb14e6-ee8e-4814-83a8-72f8ee565828@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx



Hi everyone. We have a SBS 2003 server with SP1 and just added a combo
SQL/terminal server inside. The SBS server is at the gateway and we
are using the basic firewall to pass port 3395 to the Tserver.

Let's say the network card connected to the ISP's router --- the
outside IP address of the SBS server -- is 4.2.2.5 (and that is the
ONLY address the ISP gave us so we are stuck with it) .

The inside IP address of the SBS server is 192.168.15.2  and the
Terminal Server is at 192.168.15.3  . All is functional and working
well.  Because as you know we have the SBS firewall configured
simply..... to get to the terminal server we go to 4.2.2.5:3395  and
to get to OWA or www on the SBS server we go to http: // 4.2.2.5 in a
browser.

We purchased more IP addresses from the ISP (and they are in an
unrelated address space). Let's say they are 5.1.1.106  through
5.1.1.110 with a subnet mask of  225.225.225.248 .

I put 5.1.1.107 on the same network card as the 4.2.2.5 and I can ping
it from the outside. So that part is good. And http: //  5.1.1.107
shows the same website as 4.2.2.5 so we are good there.

My question is this:

What is the recommended or best way to configure the SBS firewall to
allow those new IP addresses to "pass through" to the SQL server
sitting at 192.168.15.3 ?

We previously made all our changes and configs in RRA for Local Area
Connection 2 > Properties  (this is the "outside" network card).   I
see there is an Address Space tab and also Reservations. Please can
someone offer a quick rundown of what steps are needed , or can you
point me at a document that gives a framework of how to do this?

Thank you in advance. I am remote to this server so would like to have
a way to do this without breaking my only way in of course. But I
might have to get in the car I am afraid.

Thanks again- Hide quoted text -

- Show quoted text -

.

Relevant Pages