Ouch... That's kinda dangerous.. To use a UNC share from the DMZ, you'll
have to allow NetBIOS sessions from the DMZ to the internal network as well
as at least LDAP and Kerberos from the DMZ to the Domain Controllers. You
might get by with CIFS but I'm not sure. In addition, any compromise of the
DMZ will yield a credential usable on the internal network. Not really
cool...
Is there no better way for you to isolate the DMZ web server completely?
How often does internal content change? It would be WAY better to come up
with a process that updates the DMZ content from the Internal server when
necessary...
t
----- "I may disapprove of what you say, but I will defend to the death your right to say it."
http://www.ISAserver.org
Hi, The web server (IIS 6.0,Windows 2003+sp1) is connected to ISA 2004 DMZ interface.
The file server(windows 2003+sp1) is located at ISA 2004 inside interface.
The virtual directory in the default website is pointing to a share folder located at the file server.
i cannot browse using UNC path from web server pointing file server.
Pls let me know what ports i need to open between isa DMZ & inside interface.
web server IP:172.16.224.2 file server IP : 172.16.0.2
from web server cannot see directory listing ie. \\172.16.0.2\shared folder
Need help
Regards, Prashanth
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: thor@xxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx