[THIN] Re: Secure Gateway Logic?

  • From: "Stansel, Paul" <Paul.Stansel@xxxxxxxxxxxxx>
  • To: "'thin@xxxxxxxxxxxxx'" <thin@xxxxxxxxxxxxx>
  • Date: Thu, 19 Jun 2003 08:33:19 -0400

Looks right to me.  You seem to have all the ports youneed covered.

-Paul

> ----------
> From:         Nick Crisp[SMTP:ncrisp@xxxxxxxxxxxxxxxxxxxxxxx]
> Reply To:     thin@xxxxxxxxxxxxx
> Sent:         Wednesday, June 18, 2003 11:52 PM
> To:   thin@xxxxxxxxxxxxx
> Subject:      [THIN] Secure Gateway Logic?
> 
> I am trying to setup a basic Secure Gateway service to allow port 80/443
> access to our farm (rather than 1494)
> Would someone mind checking my logic for which stuff to put on which
> servers
> I have tried to explain what I think is the right way to go about this
> in the list below, with each server (egSRV1) listed with its functions,
> and the firewall ports I have open.
> 
> 
> Client = Built-in Cert. trust / ICA Client
> 
> **** Outside ****
> 
> ______1st Firewall    (443,80 TCP Outside -> DMZ => Webserver)
> _______
> 
> **** DMZ ****
> 
> SRV1 = Web Server / Trusted Cert / CSG
> 
> **** DMZ ****
> 
> ______2nd Firewall    (1494 TCP DMZ->SN => MF Server)
>                               (80 TCP DMZ->SN => IIS Server)  _______
> 
> **** Secure Network *****
> 
> SRV1 = SQL Server / Farm Data Store
> SRV2 = Domain Controller / Shared Documents for MF Farm / IIS 5 / STA
> SRV3 = MetaFrame XP FR3
> 
> **** Secure Network *****
> 
> 
> Thanks Nick
> 
> 
> Nick Crisp
> Network Manager
> www.pinnaclesoftware.com.au
> 
> 
> ********************************************************
> This weeks sponsor - RTOSoft TScale 
> Complaints about applications response time - DO SOMETHING ABOUT IT!
> TScale 2.0 improves applications response time and increases terminal
> server capacity. Really get MORE from your existing servers! Free eval:
> http://www.rtosoft.com/enter.asp?id=130
> **********************************************************
> Useful Thin Client Computing Links are available at:
> http://thethin.net/links.cfm
> 
> For Archives, to Unsubscribe, Subscribe or 
> set Digest or Vacation mode use the below link:
> http://thethin.net/citrixlist.cfm
> 
********************************************************
This weeks sponsor - RTOSoft TScale 
Complaints about applications response time - DO SOMETHING ABOUT IT!
TScale 2.0 improves applications response time and increases terminal
server capacity. Really get MORE from your existing servers! Free eval:
http://www.rtosoft.com/enter.asp?id=130
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm

For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm

Other related posts:

  1. Home
  2. thin
  3. Archive
  4. 06-2003