Webhosting Network Question

From: Tim Meyer (tim@quickservicesoftware.com)
Date: 12/01/02 

From: "Tim Meyer" <tim@quickservicesoftware.com>
Date: Sun, 1 Dec 2002 15:02:04 -0400

I've put this on a few different newsgroups now and I 've yet to get a
reply,
so I'm sorry if this is a tad off topic. I am running IIS in this scenario
though.
This is going to deal mostly with security and best practices.

I currently have 3 machines on our internal network that run WLBS (wink2k
AS) to host a website for internet clients. Each system has 2 nics and is
running WLBS in unicast mode. I'm using 1 to 1 nat on our firewall to allow
access to the internal load balanced IP. What I want to do is to move these
3 systems to our DMZ and assign an external IP to the cluster and eliminate
NAT.

What I need to know is could I move the load balanced nic on each of these 3
machines to the DMZ (with the appropriate tcp/ip param of course) and still
have my other NIC connected to the LAN switch without leaving our internal
LAN open to hacking?

Requests made to the load balanced IP will need to pull data from our
backend SQL DB. How should this be handled? Should I just allow access
from that external IP on the SQL port # into the LAN? Or is there someway
that I can have the the machine that handles the request to use it's other
NIC (domain) to connect to the SQL DB and then transfer back over the
external IP.

If I'm way off base here let me know. I can take critisism with the best of
them.

Thanks

Tim

Relevant Pages

  • Re: Client cannot connect to SBS2003
    ... I noticed that both NICs (internal LAN on the Server and NIC on ... LAN NIC and the LAN cable was plugged into the WAN NIC. ... >> Did you run the Internet and Email Wizard in Server Management Console? ...
    (microsoft.public.backoffice.smallbiz)
  • Re: Help! Clients are off the network.
    ... Possibly it's just simpler to think LAN vs WAN, but then we start to hit confusion about the perspective you are viewing from. ... Your router has LAN and WAN and the server WAN adapter connects to the router LAN interface. ... It and the NICs of all devices connect to your network switch and are physically isolated any 'internet device'. ... The 'external' NIC on such a system is the only connection to your internet device. ...
    (microsoft.public.windows.server.sbs)
  • 2 nics
    ... I have a situation where I have two NICs in a work station. ... to tell the system how to use one for internet and one for LAN. ... connection than the wired connection. ... uses a diff sub net and ip range so it isn't able to access my LAN. ...
    (microsoft.public.windowsxp.network_web)
  • Re: Two NICs problem
    ... simultaneously, both PC's have two NICS, the LAN NIC's have static IP ... have IP's assigned using the DHCP server of an ADSL modem these are in the ... I have the dns addresses and gateways of the internet NIC's ... If you've specified a GW on the LAN NICs, ...
    (microsoft.public.windows.server.networking)
  • Re: Webhosting Network Question
    ... IPX/SPX) run between your WWW & SQL. ... the point of a DMZ is ... would you want the machines to have NICs on ... >>> AS) to host a website for internet clients. ...
    (microsoft.public.inetserver.iis.security)