Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Putting MS servers behind firewalls

From: Dave Piscitello <yodave () hargray com>
Date: Tue, 08 Jun 2004 09:09:23 -0400
Supporting MS applications like Outlook and MS file/print sharing using native protocols and clients is one reason why many people use SSL VPN appliances. Some of the appliances (not all, you must investigate) proxy the protocols over an SSL tunnel from client endpoint to the SSL VPN appliance, which you place behind your firewall, opening only the ports you would for SSL-enabled traffic (SSL, DNS), and only to the proxy/appliance. 

At 12:23 PM 6/7/2004 +0600, Dilan Walgampaya wrote:

Hi Wizards,
I ran in to a problem putting Microsoft Servers behind a firewall. The users has to go through the FW to access the servers. The servers I wanted to put are on an AD domain. There were AD server, File server and an Exchange server. These servers need a large no. of services opened for proper operation. The worse is that exchange server work in a dynamic port setup where the server opens a random port for each different client. MS site has some registry edits that is supposed to correct this dynamic port setup issue. But when I tried these they did not work as per the document describes.
Has anybody done this kind of a setup (with other than an ISA server). I am interested in doing this with Netscreen/Pix and Linux IPTables. Any help is appreciated. 



Thanks in advance

Dilan
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards



_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: