Re: [fw-wiz] Accessing a internal server from DMZ
From: Kevin Sheldrake (kev_at_electriccat.co.uk)
Date: 08/20/04
- Previous message: Christopher Hicks: "Re: [fw-wiz] Top Secret DOD Data over the Public Internet? Thoughts?"
- In reply to: jao silva: "[fw-wiz] Accessing a internal server from DMZ"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "jao silva" <gustavo_caeiro@yahoo.com.br>, firewall-wizards@honor.icsalabs.com Date: Fri, 20 Aug 2004 16:42:15 +0100
Hello
The Qmail in the DMZ must communicate with the internal LAN, mustn't it?
How else do your internal users get their email?
The following suggestions are based on the information you provided;
without a statement of all your information requirements it's hard to
provide an accurate answer. ;)
Your LDAP server would probably be best in the internal LAN, mainly
because I expect this to be where the primary clients will sit. What
protocol(s) will Qmail require to communicate with the LDAP server?
X.500? Microsoftisms?
If your firewall is secure, and your servers are patched and properly
configured then you should be fine having the Qmail communicating with the
LDAP server; I'm assuming it already communicates with internal email
servers or clients.
If this all sounds mad then provide some more info and I'll have another
go.
Kev
> Hello,
>
> I want to setup a authentication server using LDAP
> that will be used both by Samba and by Qmail.
>
> However, Qmail is on the DMZ and Samba obviously is on
> the internal LAN.
>
> Ideally, a DMZ should not be accepted to communicate
> with an internal LAN.
>
> What should I do in this case?
>
> Regards,
> gustavo
>
>
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards@honor.icsalabs.com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
>
>
>
>
-- Kevin Sheldrake MEng MIEE CEng CISSP Electric Cat (Bournemouth) Ltd -- Outgoing mail is certified Virus Free. Checked by AVG Anti-Virus (http://www.grisoft.com). Version: 7.0.262 / Virus Database: 264.6.4 - Release Date: 19/08/2004 _______________________________________________ firewall-wizards mailing list firewall-wizards@honor.icsalabs.com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Previous message: Christopher Hicks: "Re: [fw-wiz] Top Secret DOD Data over the Public Internet? Thoughts?"
- In reply to: jao silva: "[fw-wiz] Accessing a internal server from DMZ"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
