RE: FE in DMZ

  • From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
  • To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
  • Date: Sun, 24 Oct 2004 14:59:32 -0500

Hi Ruba,
 
The ISA firewall can pre-authenticate users and forward those
credentials to the FE server. This is the most secure configuration.
 
HTH,
 
Tom
www.isaserver.org/shinder <http://www.isaserver.org/shinder> 
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> 
MVP -- ISA Firewalls

 

________________________________

From: Ruba Al Omari, Eng. [mailto:romari@xxxxxxxxxxxxxxxxx] 
Sent: Sunday, October 24, 2004 1:45 AM
To: [ExchangeList]
Subject: [exchangelist] FE in DMZ


http://www.MSExchange.org/


Hi 

I have E2K in DMZ zone as a front end server, if I allow http traffic to
go from untrust to DMZ it becomes an open proxy, and if I deny it users
outside the organization can't use the front end server, how should the
traffic rule be set for the email server in the DMZ zone?

Thanks for any help

 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
tshinder@xxxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Report abuse to listadmin@xxxxxxxxxxxxxx 

Other related posts: