Firewall Wizards mailing list archives

Local app across packet filtering cisco


From: Andy Bach <root () wiwb uscourts gov>
Date: Wed, 23 Feb 2000 15:16:47 -0600

Hi Folks,

We have a db mirroring client/server app that we'd like to run across to 
the DMZ side of our firewall.  If I'm understanding all this correctly, 
we've got the outside world coming in through a firewall (firewall 1, I 
believe) then via a frame-relay cloud to a local box.  That box is 
connected via a Cisco router which is allowing only http, netbios and 
passive ftp between it and the 'inside'.  The firewall is, again, I 
believe, allowing only http into the frame relay cloud (all this is set up 
on a nat'l managed level, so details are few and hard to get) to our 
local box, which is to provide access to a local box w/ a copy of the 
database on it.  The setup now uses a nightly transfer, via passive ftp, 
of the dbs, but we do have an app that allows mirroring.  So, my 
question is; what's the risk, concerns etc of telling that app to use 
port 80 and running it across the Cisco?  What would be the possibilities 
of opening a different port and using ACLs to limit that port to the 2 
machines we know to be involved?  Is there a better way?

Thanks for any hints and sorry if I'm mangling any of the terminology etc.

a

Andy Bach, Sys. Mangler             CC:Mail andy bach at ~7ca-chicago
Internet: andy () wiwb uscourts gov    VOICE: (608) 264-5178 ex 5738, FAX 264-5105

      If one studies too zealously, one easily loses his pants.
                -- A. Einstein.


