[isapros] Re: [ISAServer] DMZ to SQL
- From: "Amy Babinchak" <amy@xxxxxxxxxxxxxxxxxxxxxxxxxx>
- To: <isapros@xxxxxxxxxxxxx>
- Date: Tue, 11 Jul 2006 20:25:46 -0400
NAT.
Pings from web server to sql server get to their destination.
-----Original Message-----
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx]
On Behalf Of Thomas W Shinder
Sent: Tuesday, July 11, 2006 7:36 PM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: [ISAServer] DMZ to SQL
Hi Amy,
Do you have a route or NAT relationship between the Web server and the
SQL server?
Tom
Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
> -----Original Message-----
> From: Amy Babinchak [mailto:amy@xxxxxxxxxxxxxxxxxxxxxxxxxx]
> Sent: Tuesday, July 11, 2006 6:10 PM
> To: isaserver@xxxxxxxxxxxxxxx
> Subject: [ISAServer] DMZ to SQL
>
> I'm stumped. Working with a client to setup a DMZ for a web server.
> Sounds easy enough. The web server (in the DMZ) needs to talk
> to an SQL
> server on the Internal network. The web server can
> communicate DNS, ICMP
> and any domain communications protocols that I throw at it.
> It can even
> ping the SQL server and the SQL server can ping it.
>
> But SQL Server protocol port 1433 blows right by my DMZ
> access rule and
> gets blocked by the default rule.
>
> Is there something special about SQL? This is the first time
> I've tried
> to give access from DMZ to an SQL server.
>
> Thanks,
>
> Amy
> ---
> To subscribe to the list - send an email to list@xxxxxxxxxxxxxxx
> In the subject line put in JOIN isaserver@xxxxxxxxxxxxxxx,
> youremailaddress
>
> To leave the list - send an email to list@xxxxxxxxxxxxxxx
> In the subject line put in LEAVE isaserver@xxxxxxxxxxxxxxx,
> youremailaddress
>
> Don't forget the comma!
>
>
Other related posts:
