RE: DMZ - The Hell

• From: "Thomas W Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Thu, 26 Sep 2002 10:00:04 -0500

Hi Alex,
 
The default packet filter for TCP 80 won't work if you're wanting to
pass packets to a public address DMZ host. You'll have to create them
manually.
 
HTH,
Tom
 
Thomas W Shinder
www.isaserver.org/shinder <http://www.isaserver.org/shinder>  
 
 
-----Original Message-----
From: Alex Decarli [mailto:decarli@xxxxxxxxxxxxx] 
Sent: Thursday, September 26, 2002 8:46 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] DMZ - The Hell
 
http://www.ISAserver.org
Hi all,
 
Again, I come to list to find help to implement DMZ.
I read "DMZ Scenarios" on isaserver. rg and "HOW To: Publish Web Server
in Perimeter Network - q313562". ALL RECOMENDATIONS ARE APLLIED.
 
 
My problem is:  I can't to connect my webserver on DMZ from internet.
But, i can connect my webserver from internal network and ISA Computer
(the connections has proxy configured, either).
 
My Scenario is:
===========
 
[ ISP ROUTER ] -------------------------------- ** ISA External NIC **
(subnet1 e subnet2)                             Defaut gateway is router
subnet 1
                                                         |
                                                         | 
                                                       ISA SERVER
------------------------------------------------------------------------
------------------------------------ [ INTERNAL NETWORK]
                                                         |
LAT: 10.1.1.x                   
                                                         |

                                                         ** ISA DMZ NIC
**
                                                         IP Public
(subnet2)
                                                         Diferent Subnet
of ISA External NIC
                                                         No  Defaut
Gateway                                                          |
                                                          |  
                                                          |
                                                          |
                                                          |
                                                         [ WEB SERVER ]
                                                         IP Public
(subnet 2)
                                                         Defaut gateway
is ISA DMZ NIC
                                                         
I've configured a "IP Packet Filters Rule" called "Allow webserver on
DMZ" , IP routing and IP Packet filters are enabled, with pre-defined
HTTP 80 Port , applied to IP address of webserver. exactly q313562
 
My ISA Server is Standalone Server, SP1, Windows is Server Standard,
SP3, no more.
 
Any help is apprecied !
 
Alex Decarli.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

• » DMZ - The Hell
• » RE: DMZ - The Hell

1. Home
2. isalist
3. Archive
4. 09-2002

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---