I want to add his to my first post, if this can help to better understand
what I want to achieve:
Remote users connected to the Internet (via their ISP or others) want to get
their e-mail on the Exchange server through the firewall which takes care of
receiving (MX at the ISP) and forwarding the SMTP mail addressed to users on
the Internet. SMTP services work quite fine. I am sure that I am not the
only one with users who need that kind of services? I thought that POP
would be the simplest and most secure way for the users to get their
e-mails? There will not be any RAS server or RAS client.
Remote clients on the Internet need access to the IIS only (the front end).
But the IIS needs info. stored onto the SQL and I thought that I could just
let the ports for ODBC (believed to be 1433TCP) opened between DMZ and the
secure net. If it is, my access lists must be messed up then. And my IIS
being in a private DMZ, it is not advertised on the net but the fw should be
able to forward the request to it?
Jean
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Jean Morissette
> Sent: Sunday, September 12, 1999 8:10 AM
> To: firewalls@lists. gnac. net
> Subject: FW
>
>
> Hi all,
> here's my config.
>
> 1 fw with 3 nics, I have a IIS server in a DMZ and a sql server and an
> exchange e-mail server in the secure network. FW does IP
> filtering and used
> as a proxy. 3rd nic non secure network goes to a screening router to the
> internet. non secure net. has public addresses. both DMZ and secure net
> have private addresses.
>
> 1- I need to let remote users to get their e-mail (POP) stored on
> the secure
> network Exchange server! My fw handles the SMTP mail and the exchange
> obviously is not known on the Internet. What are my choices? Do I need to
> let RPC through just for POP?
>
> 2- My IIS 4.0 in the DMZ needs to talk to the secure MS SQL server in the
> secure network. First, do I need public addresses for the DMZ so
> that some
> targeted clients (from the Internet) can have access to the info on that
> IIS. And what do I have to do to allow the IIS to query data on the SQL
> using ODBC? Anything more than 1433TCP? Anything better than odbc, i.e.
> more secure?
>
> Any directions/ideas/clues to help me out would be appreciated!
>
> Thanks.
>
> Jean Morissette
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
