Re: ICF problems win Win2003

From: Vincent Haakmat (vhaakmat_at_ipx.nagicosus.com)
Date: 11/21/03 

Date: Fri, 21 Nov 2003 10:34:35 -0400

Ok... makes sense... We have a firewall from Netgear, but according to my
ISP, I need to get a better one. They recommended CISCO, but it is too
expensive for our business (only 50 PCs).
Can anyone recommend something better that won't break our wallet?
Thanks

Vincent

"David Wang [Msft]" <someone@online.microsoft.com> wrote in message
news:uY0OHGBsDHA.1196@TK2MSFTNGP12.phx.gbl...
> If this server is multi-homed, then just enable ICF on the Public NIC and
> not on the Private NIC
>
> If this server has only one NIC and both the server and LAN are not behind
a
> firewall from the Router/Gateway, what you are trying to do is pretty
> insecure and defeats running a firewall on the server.
>
> There are two general topologies that you can consider for small-time
> servers.
> 1. The server is dual-homed (i.e. "Gateway") on the broadband connection
and
> LAN, with a firewall running either on the server's external NIC or on any
> local router-device upstream from the web server
> 2. The web server is an internal LAN server, and the Gateway must have
logic
> to either forward requests based on ports, host header, or IP address to
and
> from this internal LAN server
>
> Both topologies allow unrestricted access by your LAN clients to the LAN
> server's interface, and highly restricted external access to your server's
> public interface.
>
> --
> //David
> IIS
> This posting is provided "AS IS" with no warranties, and confers no
rights.
> //
> "Vincent Haakmat [393242]" <vhaakmat@nagico.com> wrote in message
> news:ewIqSrrrDHA.560@TK2MSFTNGP11.phx.gbl...
> I have an exchange server 2003 running on my win2003 server. Because it is
> directly connected to the net i wanted to use ICF. But if I do, the other
> computers on the LAN can't connect to it. WHich ports (UDP-IP) do I need
to
> enable so that the can still access normal file and print services from
it?
>
>
>

Relevant Pages

  • Re: SMTP will not connect
    ... This webserver is outside of my office LAN. ... I have no idea how to see what's in the firewall, ... The server allows email sending and it receives emails. ... > That doesn't mean Exchange isn't being a mail server. ...
    (microsoft.public.exchange2000.admin)
  • Re: Security, Distributed firewalling application...long ;-)
    ... > redirected to internal IP space DMZ server running web-apps ... Do note that that's a lot of services to offer inside the LAN (instead ... firewall configuration, can be used to 'persuade' it to). ... Running an IDS on the local network. ...
    (Focus-Linux)
  • Re: Dual NIC Default Gateway Configuration
    ... This firewall opens ports for e-mail, ... The workstations on the LAN, ... The Windows 2003 SBS in question serves multiple ... mail server will bind to that IP address and that IP ...
    (microsoft.public.windows.server.sbs)
  • Re: Remote Desktop
    ... I have recently added a second windows 2003 std server to ... were setup with names longer then 15-characters. ... >If you can't connect on LAN then it's not VPN problem. ... >firewall settings on clients e.g. disable firewall for a ...
    (microsoft.public.windowsxp.general)
  • Re: ICF problems win Win2003
    ... It's interesting to know why your ISP reckons you need another firewall. ... Have they actually proven that your Netgear has a vulnerability that opens ... Microsoft ISA Server on your Windows server. ... >> LAN, with a firewall running either on the server's external NIC or on ...
    (microsoft.public.windows.server.security)