RE: FYI: ISA on SBS
- From: "John Tolmachoff \(Lists\)" <johnlist@xxxxxxxxxxxxxxxxxxx>
- To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
- Date: Mon, 14 Jul 2003 09:39:48 -0700
First off, I have to admit I am not familiar with the technical side of RPC
publishing.
What port ranges are used and how does it work?
John Tolmachoff MCSE CSSA
Engineer/Consultant
eServices For You
www.eservicesforyou.com
-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx]
Sent: Monday, July 14, 2003 9:21 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: FYI: ISA on SBS
http://www.ISAserver.org
Hi John,
Yes please! I'd like to hear more of your observations on this.
However, the problem with the sonicwall firewall setup is that if you run
ISA Server 2000 on the SBS box that runs the Exchange Server, you cannot
avail external users of Exchange RPC publishing. The only way to do this is
to disabling packet filtering, in which case, there's no point to even
installing ISA Server, since its no longer a firewall without packet
filtering protection. The Problem is that there's no way to disable RPC
socket pooling. When you can't disable socket pooling, you can't create
Server Publishing or Web Publishing Rules on that socket. The only other
option is to create packet filters, but in order to create packet filters,
you have to open the entire ephermal range of ports using static packet
filters, which gets back to the poor security provided by tradition packet
filtering based devices like PIX or sonicwall, and the reason why you want
an ISA based appliance in front of the SBS box so that the customer is able
to fully take advantage of the Exchange Server and remote Outlook
2000/2002/2003 client.
Thanks!
Tom
Thomas W Shinder
<http://www.isaserver.org/shinder> www.isaserver.org/shinder
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: <http://tinyurl.com/1llp> http://tinyurl.com/1llp
Other related posts:
