Re: Seeking advice - Securing Server Traffic tio The Internet

From: "Roger Abell [MVP]" <mvpNoSpam@xxxxxxx>
Date: Sun, 7 Jan 2007 10:51:36 -0700

"hedon" <hedon@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:95DFEFC3-0FBD-47AA-B01A-D6CEAC40FB25@xxxxxxxxxxxxxxxx

I would like to allow to member server to the Internet Vlan (192.168.1.32)
for port 80 traffic only. When server starts updates it does not no which
NIC
to send out http traffic. How can I solve this issue?

That was answered last night to your identical post in other thread.

In the future please consider cross-posting when it is appropriate
to send one post to multiple newsgroups, rather than multi-posting
(sending the same, one at a time, to the newsgroups).

Roger

"Jesper" wrote:

You could just modify the router tables so there is no default route on
the
domain traffic vlna, but I'm a bit confused as to what risk you are
trying to
mitigate.

"hedon" wrote:

We have a member Server. W2K3, with dual NICs that responds to domain
traffic Vlan, 192.160.1.0/27 and Internet Vlan, 192.168.1.32/27. The
server
needs to access the net for purposes of updating WSUS, AV pattern
updates.
The server is protected by Cisco CBAC Firewall.

How can I force all update traffic (http) to use the 192.168.1.32 vlan?
Is
their a better way I can design network flow, with the priority on
server
protection.

Thanks in advance for help

Prev by Date: Re: Traverse Folder Permissions
Next by Date: Re: W32 trojan-gen {VB}
Previous by thread: Traverse Folder Permissions
Next by thread: Re: Auditing
Index(es):
- Date
- Thread

Relevant Pages

Re: Strange Server Behaviour
... Thanks for updates. ... I am Charles the backup of Brandy, as the Brandy is currently sick at home. ... Microsoft CSS Online Newsgroup Support ... | Subject: Re: Strange Server Behaviour ...
(microsoft.public.windows.server.sbs)
Re: WSUS Client not yet reported
... The client still fails to report. ... Check your server status ... Suggestion 2: Check the IIS settings: ... any updates in your thread. ...
(microsoft.public.windows.server.sbs)
Re: SUS
... > I have setup a SUS Server on win2k. ... 0-2.reg will not configure your machine to automatically download updates from ... critical updates or service packs that your machine needs. ... It will also ask you if you want to install them, ...
(microsoft.public.windows.server.general)
Re: FYI for eTrust AV 7.x Users
... When I just had my little incident with the redistribution settings on the SBS, my clients were logging successful checks for updates, and the logs indicated that no updates were found. ... That turned out to be because I had not gone back and checked the redistribution server box for 8.x after reinstalling the redistribution server. ... installed the new remote install utility which works the same as v7 did - just edited the .ICF file the way I wanted it and ran the client upgrades from the server. ... I can't remember if it's a separate install, or if you have to click a box when you do the Agent install, but redistribution server is not installed by default. ...
(microsoft.public.windows.server.sbs)
RE: New Update for #70-299
... > Segment A contains a single server named TestKing1. ... > Segment B contains all other computers, ... > TestKing?s written security policy states that Segment B ... > Updates on all computers in Segment B to use ...
(microsoft.public.cert.exam.mcse)