RE: Ex2k FE in DMZ Segment

  • From: "Thor \(Hammer of God\)" <thor@xxxxxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Mon, 5 Dec 2005 17:26:11 -0800

SSL everywhere then? No cheating?

t

----- Original Message ----- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Monday, December 05, 2005 5:16 PM
Subject: [isalist] RE: Ex2k FE in DMZ Segment


http://www.ISAserver.org

OK, good :)

I use SSL Server Publishing Rules since there's no reason to go through
the HTTP filter overhead on both devices. So, SSL tunneling through the
front-end ISA firewall and then a Web Publishing Rule on the back-end
ISA firewall.

S'good?

Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
**Who is John Galt?**



-----Original Message-----
From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
Sent: Monday, December 05, 2005 7:09 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Ex2k FE in DMZ Segment

http://www.ISAserver.org

Knock, knock.

-----
"And yet, even if one person finds his way... that means
there is a Way.  Even if I personally fail to reach it."

Mr. Nobusuke Tagomi
Top Place, Ranking Imperial Trade Mission
Pacific States of America

----- Original Message ----- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Monday, December 05, 2005 4:19 PM
Subject: [isalist] RE: Ex2k FE in DMZ Segment


http://www.ISAserver.org

 OK, let me try to figure out what the question is here.

What you want to know is what to do on the FE ISA firewall to publish
the FE Exchange on the BE ISA firewall's DMZ. Right?

Knock twice if yes, once if no.

Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
**Who is John Galt?**



> -----Original Message-----
> From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
> Sent: Monday, December 05, 2005 4:43 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Ex2k FE in DMZ Segment
>
> http://www.ISAserver.org
>
> OK Doc- help me out here... How about give me the low down on
> exactly what
> you are thinking when it comes to this topology:
>
> [Internal Network]
>           |
>           |
>  [Back End ISA] ---- [Ex FE DMZ]
>           |
>        [DMZ]
>           |
>           |
> [Front End ISA]
>           |
>           |
>      [Internet]
>
>
> I've got my rules just fine from the [Ex FE DMZ] to the
> Internal- OWA works
> fine, etc.
>
> How about spill the beans on the HTTPS tunneling/bridging
> you've got going
> on.  Where will I use what?  I've got the [Ex FE DMZ] box
> requiring HTTPS
> and the owa.domain.com cert on that guy.  Are you talking
> just server pub
> HTTPS from [Front End ISA] to [Back End ISA] and bridging
> from [Back End
> ISA] to [Ex FE DMZ]?  Can you take a moment and tell me what
> you plan to do
> and where?
>
> t
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion
> List as: tshinder@xxxxxxxxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion
List as:
thor@xxxxxxxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx



------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion
List as: tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx



------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: thor@xxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx




Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 12-2005