Re: Microsoft Proxy Server and VPN

Wed, 17 Nov 1999 20:01:43 -0800 

If you are using one NT server to run both Proxy Server as the firewall AND
IIS the web server, then I don't see how you could place the web server
outside of the firewall.

My suggestion would be, as this is a small installation, to use
"reverse-proxy" to publish your webserver through the proxy connection.
Basically, with reverse-proxy the proxy server will forward all external
HTTP(s) requests to a specified internal webserver.  Dead easy to set up.

You can also use the NT server running MSP2.0 as your RAS/VPN server (MS has
a whitepaper about doing just that), but do realise that, the more applics
you run on the box, the greater the risk to the security of the system.

And yes, I've run all of those services (and PDC, DNS, WINS, DHCP, Print
Services and basic file services) off of one NT box, so I know it works :-).
However, ideally you'd want whatever's granting access to your network to
run on its own box.

Brian Steele


----- Original Message -----
From: Arkady Yerukhimovich <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, 17 November, 1999 2:23 PM
Subject: Microsoft Proxy Server and VPN


> I am trying to set up a secure NT network that would be protected by the
> Microsoft Proxy Server.  This network has to containe a web and e-mail
> server, and about 15 client computers on the internal network.  I also
need
> to set up secure VPN access to this network.  I have been advised to place
> the web server outside of the firewall, but I do not know how and where to
> setup the VPN/RAS server.  From what I've read on the topic it can not be
on
> the same machine as the proxy server.  So, I don't know if it should be
> outside of the firewall or inside the firewall and how it all fits in to
the
> network architecture.  If anyone knows how to set up this kind of network
> please help.  Since I am a newcomer to network security any suggestions
> would be greatly appreciated.
> Thank you,
> Arkady Yerukhimovich
>
> ______________________________________________________
> Get Your Private, Free Email at http://www.hotmail.com
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]

-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]

Reply via email to