Firewall Wizards mailing list archives
Re: firewall-wizards digest, Vol 1 #1322 - 1 msg
From: "Tim Chettle" <tim.chettle () orange net>
Date: Mon, 7 Jun 2004 18:32:05 +0100
Most of the protocols you mention are RPC based connections. The client connects the rpc listener and then negotiates a fresh set of dynamic ports to communicate upon, I dont belive that the Pix or Iptables can handle that typ eof dynamic connection. However the point i was going to make was that rather than open up that high number of connections, if you are using exchange 2003 and outlook 2003 you can replicate over https and if you deploy a sharepoint services on the box again you can browse using https ----- Original Message ----- From: <firewall-wizards-request () honor icsalabs com> To: <firewall-wizards () honor icsalabs com> Sent: Monday, June 07, 2004 5:00 PM Subject: firewall-wizards digest, Vol 1 #1322 - 1 msg
Send firewall-wizards mailing list submissions to firewall-wizards () honor icsalabs com To subscribe or unsubscribe via the World Wide Web, visit http://honor.icsalabs.com/mailman/listinfo/firewall-wizards or, via email, send a message with subject or body 'help' to firewall-wizards-request () honor icsalabs com You can reach the person managing the list at firewall-wizards-admin () honor icsalabs com When replying, please edit your Subject line so it is more specific than "Re: Contents of firewall-wizards digest..." Today's Topics: 1. Putting MS servers behind firewalls (Dilan Walgampaya) --__--__-- Message: 1 From: Dilan Walgampaya <Dilan () dpitl com> Reply-To: Dilan Walgampaya <dilan () dpitl com> To: firewall-wizards () honor icsalabs com Date: Mon, 07 Jun 2004 12:23:34 +0600 Organization: DPITL Subject: [fw-wiz] Putting MS servers behind firewalls Hi Wizards, I ran in to a problem putting Microsoft Servers behind a firewall. The users has to go through the FW to access the servers. The servers I wanted to put are on an AD domain. There were AD server, File server and an Exchange server. These servers need a large no. of services opened for proper operation. The worse is that exchange server work in a dynamic port setup where the server opens a random port for each different client. MS site has some registry edits that is supposed to correct this dynamic port setup issue. But when I tried these they did not work as per the document describes. Has anybody done this kind of a setup (with other than an ISA server). I am interested in doing this with Netscreen/Pix and Linux IPTables. Any help is appreciated. Thanks in advance Dilan --__--__-- _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards End of firewall-wizards Digest
--- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.698 / Virus Database: 455 - Release Date: 02/06/2004 _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: firewall-wizards digest, Vol 1 #1322 - 1 msg Tim Chettle (Jun 07)
- Putting MS servers behind firewalls (Dilan Walgampaya) Mark (Jun 08)
- Re: Putting MS servers behind firewalls (Dilan Walgampaya) Tim Chettle (Jun 08)
- Putting MS servers behind firewalls (Dilan Walgampaya) Mark (Jun 08)