RE: [fw-wiz] NTLM authentication from DMZ

From: Peter Robinson (
Date: 09/23/02

From: "Peter Robinson" <>
To: "Reckhard, Tobias" <>, <>
Date: Mon Sep 23 09:14:03 2002


You will also need mod_ip_forwarding(Available in the apache contribs) and
mod_securid from

mod_ip_forwarding will allow the webserver to see the original address of
the requesting system not the proxy address
This is usefull for logging on the Webserver

I would suggest Apachetoolbox from and then
patch the mod_securid your self.

Hope this helps

Peter Robinson

Intellectis technopithicus dorkeae

-----Original Message-----
[]On Behalf Of Reckhard,
Sent: Monday, 23 September 2002 6:20 PM
Subject: RE: [fw-wiz] NTLM authentication from DMZ

Mikael Olsson wrote:
> My first recommendation would probably be: stick something in front
> of the OWA box that does SSL and authentication. If someone gets to
> the OWA box, it's more or less game over; if nothing else because
> of all the sensitive stuff that is usually available in people's
> inboxes, public folders, etc etc.

Heh, that's exactly what I'm about to have to implement here. I'm planning
to use Apache+mod_proxy+mod_ssl and RSA SecurID in front of an OWA server.
Does anyone by chance have any pointers to hints on how to set up such a

firewall-wizards mailing list