Re: [fw-wiz] PIX -> ISA -> OWA Configuration

From: Danny (nocmonkey_at_gmail.com)
Date: 05/05/05

  • Next message: Paul Melson: "RE: [fw-wiz] PIX -> ISA -> OWA Configuration"
    To: Jason Gomes <greyline@phreaker.net>
    Date: Thu, 5 May 2005 14:25:48 -0400
    
    

    On 5/1/05, Jason Gomes <greyline@phreaker.net> wrote:
    > What is the preferred placement for a OWA front-end server given these
    > two possible network configurations and why?
    >
    > 1) [Internet] <==> [PIX Firewall] <==> [ISA Proxy] <==> [PIX Firewall]
    > <==> [OWA] <==> [Internal Net w/Exchange Svr]
    >
    > 2) [Internet] <==> [PIX Firewall] <==> [ISA Proxy] <==> [OWA] <==> [PIX
    > Firewall] <==> [Internal Net w/Exchange Svr]
    >
    > Notes:
    > The ISA server is performing a reverse proxy for HTTPS connections.
    > In #1, the backend firewall will only allow port 443 through to OWA.
    > In #2, all ports required for OWA to communicate with the internal
    > exchange server is allowed.

    What type of clients? Road warrior employees with laptops? If so, how about:

    3) Verified client with proprietary VPN client and AES 256 -> Big bad
    Innernat -> Firewall only allowing connections from proprietary VPN
    client -> ISA Proxy -> OWA & Exchange

    ...D
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


  • Next message: Paul Melson: "RE: [fw-wiz] PIX -> ISA -> OWA Configuration"