Re: Firewall, VPN and SQL Server

From: ELE OLO (dingtan_at_eleolo.com)
Date: 09/30/03


Date: 30 Sep 2003 07:55:31 -0700

Hi, Mike,

1) Is someone suggesting to put the Linux Firewall/VPN in the DMZ? If so,
do you already have another firewall at the main gateway? It does make
sense to have a Linux VPN in another location, if you already have a
firewall to act as traffic cop for the traffic dedicated to the Linux VPN
in the DMZ. Forwarding traffic to another server, especially when you are
dealing with issues with NAT & outside-accessible 2-way traffic, does
make sense.

2) Create an IPSEC VPN site-to-site using a small firewall/VPN
box/software residing on the ISS server, and make the appropriate
configurations on the gateway firewall to handle the secure 2-way
traffic to the secure SQL server on the inside. The setup needs to
take care of VPN traffic initiated from both inside and outside
using site-to-site VPN.

Dean

Mike Forman <ec-nospam@microsoft.com> wrote in message news:<74883250.0000426f.062@drn.newsguy.com>...
> I'm setting up a linux firewall for my company's T1. All of our other machines
> will be windoze. I also need to set up a Windows VPN server (can't use the linux
> clients for reasons I can't get into here).
>
> 1) Someone suggested to me that I put the VPN in the linux DMZ and forward the
> ports to that machine. Does that make sense?
>
> 2) I also have another security question which I have no idea how to handle. We
> have some application (IIS) servers that we want on the internet. I can put
> those outside of the firewall (or port forward 80 to that machine), BUT those
> machines will need access to servers INSIDE the firewall (SQL Server). Any
> suggestions on how to handle this one? I haven't a clue :(
>
> -Mike
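
One way to write the gateway-firewall side of point 2 as a Linux ruleset, as an added example that is not part of the original thread. It assumes the IPsec tunnel from the web server terminates on the gateway firewall, SQL Server listens on its default TCP port 1433, and the DMZ uses routable addresses (no NAT rule shown); the interface names and addresses are constructed placeholders.

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset for the DMZ web server /
# inside SQL Server layout. All values below are constructed placeholders.
IIS_DMZ="192.0.2.10"   # web/application server in the DMZ (constructed)
SQL_LAN="10.0.0.20"    # SQL Server on the inside network (constructed)
WAN_IF="eth0"          # firewall interface facing the T1 (assumed)
DMZ_IF="eth1"          # firewall interface facing the DMZ (assumed)
LAN_IF="eth2"          # firewall interface facing the inside LAN (assumed)

gen_rules() {
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $DMZ_IF -s $IIS_DMZ -p udp --dport 500 -j ACCEPT
-A INPUT -i $DMZ_IF -s $IIS_DMZ -p esp -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $WAN_IF -o $DMZ_IF -d $IIS_DMZ -p tcp --dport 80 -j ACCEPT
-A FORWARD -i $DMZ_IF -o $LAN_IF -s $IIS_DMZ -d $SQL_LAN -p tcp --dport 1433 -m policy --dir in --pol ipsec -j ACCEPT
-A FORWARD -i $DMZ_IF -o $LAN_IF -j LOG --log-prefix "DMZ->LAN denied: "
COMMIT
EOF
}
# Notes on the rules above:
#  - INPUT accepts IKE (udp/500) and ESP only from the web server, so the
#    tunnel can be negotiated from the DMZ side; OUTPUT ACCEPT lets the
#    gateway start the negotiation from its side as well.
#  - The only DMZ->LAN ACCEPT is web server -> SQL Server on tcp/1433, and
#    "-m policy --pol ipsec" requires that the packet arrived through the
#    tunnel, so cleartext SQL traffic from the DMZ is dropped and logged.
#  - Nothing else in the DMZ, and nothing from the internet, reaches the LAN.

# Count the ACCEPT rules that let DMZ traffic into the LAN; the design
# calls for exactly one.
dmz_to_lan_accepts() {
    gen_rules | grep -c -- "-i $DMZ_IF -o $LAN_IF .* -j ACCEPT"
}

gen_rules
```

The script only prints the ruleset; piping it to `iptables-restore --test` as root parses it without committing anything.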


