RE: FYI: ISA on SBS
- From: "David V. Dellanno" <ddellanno@xxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Mon, 14 Jul 2003 14:05:12 -0400
http://microsoft.granitepillar.com/partners/
Free Virtual Hands-On Lab for Windows Small Business Server 2003
We want to make your customers' transition to Windows Small Business
Server 2003 as smooth as possible, so we created this free, online,
hands-on lab. Get practice running a business network and find out why
the key features of the new software can help you open up a new line of
revenue.
-----Original Message-----
From: John Tolmachoff (Lists)
[mailto:johnlist@xxxxxxxxxxxxxxxxxxx]
Sent: Monday, July 14, 2003 12:40 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: FYI: ISA on SBS
http://www.ISAserver.org
First off, I have to admit I am not familiar with the technical
side of RPC publishing.
What port ranges are used and how does it work?
John Tolmachoff MCSE CSSA
Engineer/Consultant
eServices For You
www.eservicesforyou.com
-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx]
Sent: Monday, July 14, 2003 9:21 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: FYI: ISA on SBS
http://www.ISAserver.org
Hi John,
Yes please! I'd like to hear more of your observations on this.
However, the problem with the sonicwall firewall setup is that
if you run ISA Server 2000 on the SBS box that runs the Exchange Server,
you cannot avail external users of Exchange RPC publishing. The only way
to do this is to disabling packet filtering, in which case, there's no
point to even installing ISA Server, since its no longer a firewall
without packet filtering protection. The Problem is that there's no way
to disable RPC socket pooling. When you can't disable socket pooling,
you can't create Server Publishing or Web Publishing Rules on that
socket. The only other option is to create packet filters, but in order
to create packet filters, you have to open the entire ephermal range of
ports using static packet filters, which gets back to the poor security
provided by tradition packet filtering based devices like PIX or
sonicwall, and the reason why you want an ISA based appliance in front
of the SBS box so that the customer is able to fully take advantage of
the Exchange Server and remote Outlook 2000/2002/2003 client.
Thanks!
Tom
Thomas W Shinder
www.isaserver.org/shinder <http://www.isaserver.org/shinder>
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp
<http://tinyurl.com/1llp>
------------------------------------------------------
List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion
List as: ddellanno@xxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')
Confidentiality Notice:
This e-mail message, including any attachments, is for the sole
use of the intended recipient(s) and may contain confidential and
privileged information. Any unauthorized review, use, disclosure or
distribution is prohibited. If you are not the intended recipient,
please contact the sender by reply e-mail and destroy all copies of the
original message.
Confidentiality Notice:
This e-mail message, including any attachments, is for the sole use of the
intended recipient(s) and may contain confidential and privileged information.
Any unauthorized review, use, disclosure or distribution is prohibited. If you
are not the intended recipient, please contact the sender by reply e-mail and
destroy all copies of the original message.
Other related posts:
