RE: [fw-wiz] Putting MS servers behind firewalls

• Previous message: Dilan Walgampaya: "[fw-wiz] Putting MS servers behind firewalls"
• Maybe in reply to: Dilan Walgampaya: "[fw-wiz] Putting MS servers behind firewalls"
• Next in thread: Dilan Walgampaya: "More infor - Re: [fw-wiz] Putting MS servers behind firewalls"
• Reply: Dilan Walgampaya: "More infor - Re: [fw-wiz] Putting MS servers behind firewalls"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: dilan@dpitl.com, firewall-wizards@honor.icsalabs.com
Date: Mon, 07 Jun 2004 08:40:18 -0700

What are the exact services you are trying to run through the fw? I use to
have Outlook running through our pix fw, but because I got paranoid about
having so many ports open I now force users to use OWA (through ssl) or log
in to the VPN.

When we were using Outlook, I did following the MS KB article and forced it
to use only the ports I chose and opened those up on the fw. Worked like a
champ, but again, bad idea in my eyes.

I'm curious about what other services you're talking about running through.
Are these services exposed to the Internet or some Intranet?

regards,
Michael

>From: Dilan Walgampaya <Dilan@dpitl.com>
>Reply-To: Dilan Walgampaya <dilan@dpitl.com>
>To: firewall-wizards@honor.icsalabs.com
>Subject: [fw-wiz] Putting MS servers behind firewalls
>Date: Mon, 07 Jun 2004 12:23:34 +0600
>
>Hi Wizards,
>
> I ran in to a problem putting Microsoft Servers behind a firewall. The
>users has to go through the FW to access the servers. The servers I wanted
>to put are on an AD domain. There were AD server, File server and an
>Exchange server. These servers need a large no. of services opened for
>proper operation. The worse is that exchange server work in a dynamic port
>setup where the server opens a random port for each different client. MS
>site has some registry edits that is supposed to correct this dynamic port
>setup issue. But when I tried these they did not work as per the document
>describes.
>
> Has anybody done this kind of a setup (with other than an ISA server). I
>am interested in doing this with Netscreen/Pix and Linux IPTables. Any help
>is appreciated.
>
>
>
>Thanks in advance
>
>Dilan
>_______________________________________________
>firewall-wizards mailing list
>firewall-wizards@honor.icsalabs.com
>http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

• Previous message: Dilan Walgampaya: "[fw-wiz] Putting MS servers behind firewalls"
• Maybe in reply to: Dilan Walgampaya: "[fw-wiz] Putting MS servers behind firewalls"
• Next in thread: Dilan Walgampaya: "More infor - Re: [fw-wiz] Putting MS servers behind firewalls"
• Reply: Dilan Walgampaya: "More infor - Re: [fw-wiz] Putting MS servers behind firewalls"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]