Re: netcreen 25 dmz web servers

From: Somebody. (somebody._at_spamout.russdoucet.com)
Date: 10/31/05

  • Next message: Alan: "jenny@arecosnow.com"
    Date: Sun, 30 Oct 2005 22:47:06 -0500
    
    

    <prodest@gmail.com> wrote in message
    news:1130698225.587222.7820@g44g2000cwa.googlegroups.com...
    > Hi:
    >
    > Atm i have running the trus t site of my company with internet accesss
    > with no problrms, but now i want to be able to access to internet with
    > my web servers in the Dmz zone, both web servers in the dmz have
    > 10.0.0.x ip and for now they cant go out, i ll would aprecciate some to
    > tips to be able to access to internet with this dmz servers and cant
    > reach them from outside. I read some stuff bout MIP but i cant make
    > this config run.
    >
    > thx in advice

    Edit the untrust interface
    Click MIP
    Add the public IP that you're going to use (not the public IP of the NS25)
    and the 10.x it's going to, save the MIP.
    Create a policy from untrust -> trust from Any ip to the MIP. (NOT to the
    10.x IP, to the MIP)

    Now people can hit your web server from outside.

    For it to get out (ie, patch updates, etc) you need to

    Create an address book entry for the 10.x IP of the server
    Create a policy from DMZ -> Untrust for 10.x IP, enable NAT in the advanced
    properties.

    -Russ.


  • Next message: Alan: "jenny@arecosnow.com"

    Relevant Pages

    • Re: Domain in ISA2004 dmz
      ... put services that are needed to 'listen' for incoming internet requests ... DMZ trusts Seattle.Demo but seattle.demo does ... > Would it just be better if we left nothing but the web servers in the dmz ...
      (microsoft.public.isa)
    • netcreen 25 dmz web servers
      ... Atm i have running the trus t site of my company with internet accesss ... my web servers in the Dmz zone, both web servers in the dmz have ... 10.0.0.x ip and for now they cant go out, i ll would aprecciate some to ...
      (comp.security.firewalls)
    • RE: Mobile Devices & Webservices For Data Transfer Dotnet
      ... This requires that web servers you visit format html to fit tiny screen. ... you will need to choose a wireless Internet provider ... need to purchase a Special extension card that will act like an antenna. ...
      (microsoft.public.dotnet.framework.webservices)
    • Re: Public DNS & Web hosting
      ... Cisco Pix ... Internal PC's are getting IP address & DNS(ISP's DNS server) from my PIX ... this error from the internet? ... web servers don't usually and shouldn't usually be ...
      (microsoft.public.windows.server.dns)
    • Re: NAMED Question: Is this possible?
      ... freewebspace.planetdns.net which I assume has a publicly accessible internet ... your internal private lan address for your system. ... server to send it to a private internal lan address. ... ISP's will block port 80 to avoid people from setting up Web servers. ...
      (alt.os.linux)