Re: Neat trick: using SBS 2003 basic RRAS firewall for routing used SBS ports to a secondary server - keywords Address Pool , Reservations
- From: pclsposts@xxxxxxxxx
- Date: Fri, 2 May 2008 08:55:58 -0700 (PDT)
On Mar 15, 1:32 pm, "Gregg Hill" <bo...@xxxxxxxxxxx> wrote:
I hate it when people change threads!
Thank you for the tip...I'll go read the original post.
Gregg Hill
"Larry Struckmeyer" <lstruckmeyer(at)mis-wizards(dot)com> wrote in message
news:uV2wjaphIHA.5368@xxxxxxxxxxxxxxxxxxxxxxx
Hi Guys:
Don't want to drag this out, but a couple of you seem perplexed by this
post, so here is the explanation.
If you go back a day, or sort on names, you can see the first post by
pclspostson this issue, where Cris and I and others suggested RWW and
Router/firewalls to solve this issue. Pclspostsevidently felt he needed
to come up with a solution that allowed for the results that he posted
without adding any additional hw to the mix.
When he figured it out (kudos and well done btw), he posted in a new
thread instead of continuing the original. A bit of crowing on his part,
but probably not completely un deserved.
--
Larry
"Gregg Hill" <bo...@xxxxxxxxxxx> wrote in message
news:uIOdximhIHA.6084@xxxxxxxxxxxxxxxxxxxxxxx
"Both needed to be "through" the SBS server, and that's that."
Well explained!
Geez, even a $30 home router would make life easier.
Why, pray tell, do both need to be "through" the SBS server?
Gregg Hill
<pclspo...@xxxxxxxxx> wrote in message
news:4de923eb-fcff-4544-aeac-a36069eb9885@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
To save anyone the time of asking, we did this because we needed to
have two different servers, routed via SBS's firewall, BOTH available
on port 443 for SSL. No port remapping allowed.
One for OWA (the SBS) and one for the SQL reporting function via IIS
on the second server.
Both needed to be "through" the SBS server, and that's that.
No way to do it (evidently) unless you either buy a firewall. Or do it
this way. For free.
Please shoot holes in the security of this plan. Surely someone can
complain and poo poo. Please do!
Enjoy.- Hide quoted text -
- Show quoted text -
Hey, one correction: the .105 address was NOT routable, nor was the .
110 routable (see below). So be sure you DO NOT include them when
specifying the address pool or your client computers INSIDE might
grab one of those addresses and exhibit "not able to get on the
Internet" problems that will be like an unwhackable whack-a-mole...
From my previous post, the part that needs correction:
Add them all into the Address Pool portion of the external interfaces
Properties (go to the same place where you would normally add
Services
for forwarding). Add them all being sure to properly specify the pool
and subnet. In our case, the first IP was .105, the last was .111 and
the mask was .248 .
-------------
Btw, the reason I implemented the solution, and continue to use this
solution, was because a simple "home router" (as one of the previous
posters suggested) would NOT do what I needed, and the customer was
not about to buy a PIX or an ASA.
Unless you have a router that supports one to one mappings you cannot
have the same port (443) go to to different IP addresses unless you
use port remapping (which also was NOT an option since 443 needed to
be left alone for RWW and OWA, and on the second server 443 needed to
be left alone for the SQL Reporting functions.
If you can make a cheap router do exactly what I need, please do let
us know. I bet it won't work.
Have a good one.
.
- Prev by Date: Re: Erroneous Printing errors in event log
- Next by Date: MS - Proxy Issue
- Previous by thread: Vista PC cannot rdp via RWW to Servers
- Next by thread: MS - Proxy Issue
- Index(es):
Relevant Pages
|
|
