Hi Alex DMZ is a good place for it if you want real heavy security. However Exchange2000 is a b*tch wenn it comes to configuring the open ports on the firewall. Your internal users will want to use exchange in a Microsoft Exchange server Setup, and thus be able to use all the neat exchange features like the synchronised calender, and tasks, and beeing able to look the the calender of other users for planning meetings... Well if they want that, you need to open all TCP ports from 3000 to 4000 (if your lucky otherwise even more.) This is because as soon as you move away from exchange in a Internet email setup utelising only POP3 and SMTP, Exchange and outlook communicate over a automaticly chosen port in the discribed range... Also the Sonicwall will crash if you chose too big a range of ports to open so be careful. So, DMZ is nice but doesn't really work. Either you use only POP3 and SMTP, You put the exchange into your side of the firewall, or you put a secound server into the DMZ and have your internal clients make VPN connections to the other server and connect to Exchange from there (Meaning above all other overhead that you will have to open the VPN port... Now I might and accually hope I'm very wrong with this, but I'm afraid I haven't found the little button in exchange to make it send all information over SMTP and POP3... Greatings from Switzerland. -----Original Message----- From: Eric Lanyon [mailto:elanyon@xxxxxxx] Sent: Donnerstag, 21. Februar 2002 22:04 To: [ExchangeList] Subject: [exchangelist] Re: E2K and SonicWALL http://www.MSExchange.org/ I would say behind in the Firewall and do One to One NAT, which maps a Public IP to the Private IP. Then open SMTP and POP3 traffic generated from the Internet to that Private IP. >>> alex@xxxxxxxx 02/21/02 12:51PM >>> http://www.MSExchange.org/ Hello all, Where do I place Exchange 2000 server in reference to 3-interface firewall (SonicWALL with DMZ)? Should it be on the private network or in DMZ? Thank you for the help Alex Randjelovic IT Manager MagiTech, Inc. ------------------------------------------------------ You are currently subscribed to this MSExchange.org Discussion List as: elanyon@xxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ You are currently subscribed to this MSExchange.org Discussion List as: ckurmann@xxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')