[fw-wiz] Putting MS servers behind firewalls (Dilan Walgampaya)

From: Mark (firewalladmin_at_bellsouth.net)
Date: 06/08/04

  • Next message: Luca Berra: "Re: [fw-wiz] Putting MS servers behind firewalls"
    To: Tim Chettle <tim.chettle@orange.net>
    Date: Mon, 07 Jun 2004 18:01:50 -0400
    
    

    Hey, that is a good point, I like it. What about the Domain Controller
    though? I assume that is what is meant by "AD Server".

    Mark

    > However the point i was going to make was that rather than open up that high
    > number of connections, if you are using exchange 2003 and outlook 2003 you
    > can replicate over https and if you deploy a sharepoint services on the box
    > again you can browse using https

    =================================================================

    > > Hi Wizards,
    > >
    > > I ran in to a problem putting Microsoft Servers behind a firewall. The
    > > users has to go through the FW to access the servers. The servers I
    > > wanted to put are on an AD domain. There were AD server, File server and
    > > an Exchange server. These servers need a large no. of services opened
    > > for proper operation. The worse is that exchange server work in a
    > > dynamic port setup where the server opens a random port for each
    > > different client. MS site has some registry edits that is supposed to
    > > correct this dynamic port setup issue. But when I tried these they did
    > > not work as per the document describes.
    > >
    > > Has anybody done this kind of a setup (with other than an ISA server).
    > > I am interested in doing this with Netscreen/Pix and Linux IPTables. Any
    > > help is appreciated.
    > >
    > >
    > >
    > > Thanks in advance
    > >
    > > Dilan
    > >
    > >
    > > --__--__--
    > >
    > > _______________________________________________
    > > firewall-wizards mailing list
    > > firewall-wizards@honor.icsalabs.com
    > > http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
    > >
    > >
    > > End of firewall-wizards Digest
    >
    >
    > ---
    > Outgoing mail is certified Virus Free.
    > Checked by AVG anti-virus system (http://www.grisoft.com).
    > Version: 6.0.698 / Virus Database: 455 - Release Date: 02/06/2004
    >
    > _______________________________________________
    > firewall-wizards mailing list
    > firewall-wizards@honor.icsalabs.com
    > http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


  • Next message: Luca Berra: "Re: [fw-wiz] Putting MS servers behind firewalls"

    Relevant Pages

    • Re: Client performance problem windows 2003 server...
      ... >Subject: Re: Client performance problem windows 2003 server... ... >Deploying Active Directory for Branch Office Environments ... >results from not having a domain controller in a particular site. ... incorrectly applied site coverage will be bad for clients ...
      (microsoft.public.windows.server.networking)
    • Re: Client performance problem windows 2003 server...
      ... Testing server: Verkstadsgatan\VERKTYG ... Deploying Active Directory for Branch Office Environments ... results from not having a domain controller in a particular site. ... incorrectly applied site coverage will be bad for clients ...
      (microsoft.public.windows.server.networking)
    • RE: NTDS.dit file is currupt
      ... "microsoft" wrote:> We are currently facing a serious problem with one our client server. ... > After rebooting the machine in directory services restore mode, I had> followed the steps below; ntdsutil neither defrag Active Directory Database> nor repair. ... Restart the domain controller. ... Check the integrity of the Active Directory database. ...
      (microsoft.public.win2000.active_directory)
    • Re: Thoroughly confused SBS 2003 Server
      ... fact I first had SBS running on the box that now has the Server Enterprise ... A year ago or moe I put up the second server and made it a domain controller ... The replication generated an error: ...
      (microsoft.public.windows.server.sbs)
    • Re: Big trouble with DC in China
      ... > Since then, this server has so may errors in the event logs (KCC, ... > DNS, FRS) that I wouldnt know where to start. ... > Source domain controller address: ...
      (microsoft.public.windows.server.active_directory)