Hi:
In my opinion, you must do two things: Allow bi-directional traffic
between trusted and DMZ for ports 137, 138 and 139. Then , you must
configure your stand alone servers (FW-1 and webservers) as WINS
clients. Netbios broadcasts will not pass through routers (or
firewalls), so you must configure and NT box (on your trusted segment)
as a WINS server.
Hope it helps.
pablo.
--------------------------------------------------
Pablo Marcelo Smiraglia
Lider de proyectos
DTE Inform�tica & Comunicaciones
Voice 54-11-4382-8555 \ 0005
Fax: 54-11-4382-9073
e-mail: [EMAIL PROTECTED]
--------------------------------------------------
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQENAzg0bOIAAAEIANDXaSo3HHgN1D/WZAPJDZ4RNX+8tgAfl1giUQmJQtxZeB03
mchtLO+bM0L5MJvhibobB0SiyoS5c737J9Ot7NvOhC+XMQvfWJm0/N6Bd8CkYRdC
DsQwhPViMSXoM7t8Z5LYS/172N0HEaoy3umI1Vq+Ut4to6JHeVtiU+Cv/BCcgMuG
bLoVmUF3PE1N4sCa+KBwvqx1S06iVKxSWLJtrqaK/ZVhQ28C3N4p00W9AQQdnHlp
7gRFduMt8jzeo2/JmOdjfHxp7on+hPbiY9mFKHcCvTNESmh0djzsAxMJd7schdQ2
LHw7eZ5SIWe7RS4ZIfXKCHrtg52h6iaMwPSj5gsABRG0JVBhYmxvIFNtaXJhZ2xp
YSA8cGFibG9zbWlAZHRlLmNvbS5hcj6JARUDBRA4NGzi6iaMwPSj5gsBAZvNCADH
RtKRBPyC2Q+rCvRvcLkwzd8BySx7XY+vq1/N9exMXl7J8Z11cRiXNjMuRjaCwXHb
M4FaY2rUBlfdbWDrVqHU1ORB8jAmNNSZ7uiYa5F+IEb3ymEjLkMKKAUAqx9D/4y7
0pS7p3nEMSTcIXg2u1MA6UtCgH+F0D/2H+1o8iLRoZRBg/oI1B+1PmcRLv8rsXPF
H8gUe1F0FIZvSJCdALFC8dN6kujb96aN+ynmDrzTK8gkpxfGT/lXexWtIzPcxOPs
lDzaQog54i76J8Mk/LVmUWUFebSCnmbgxYsLbeddNBqOFGwhnjHQgIolZURCOZW/
nJNaLOLFqkJrc8y7JO79tDRQYWJsbyBTbWlyYWdsaWEgaG9tZSA8cHNtaXJhZ2xp
YUBkYXRhbWFya2V0cy5jb20uYXI+iQEVAwUQODlPyuomjMD0o+YLAQEoJAf5AXZc
tNx2JMppx4pvmdmPl+mtQ4L+2TqDP+0+otGvSyg2T0TAj7GBS2JbMkZ8XAW3UOJV
mdRA+wssJWs80HWF78nUWQ1YxgvmGFu2vTYmCD+ovjV64W7iqleQ9kMu7dIPODOU
21ojZcOlWojeqJWjexvSozBiidu/HdWPPGQGxp++1sDSqgdh9i0gNSs7fvpv4pvJ
wRdddXvvPUuw/xGLNFj+R5Meref0xKEDtfB0kp16ue+eXyYxtJVma+eXxKbbmMMG
CxqGPUnrnd0tiuzHUfD6X6pKo+0N+pQcGWAkBQGm69iRJjeH9IEhP+LcTVbilXCB
WyrCv3eF9MFWCWx8E7QoUGFibG8gU21pcmFnbGlhIFdlYiA8cHNtaXJhZ2xpYUB1
c2EubmV0PokBFQMFEDg5T+LqJozA9KPmCwEBo9YIAJy79ErUMzVOf5ndL8nptiva
4QTDBAjI2I+0jUDGlmA17ryiZzSNVcdQ0okw1prf9hBZCurEZM3vEIW6DaLUdBle
uwmTFZ0GXOdr4tYhBXlZKObvUqKkHdKmoYgXl+46/FPeBM4pM7k1rxIFIRRd5oQE
MDI5K8wlISZN4aieaZa5EEPw3bIEIpSawGT7o7Ya/eECh6MItnD3InI8Wibp03sM
4GttxfzlRCk4rmCCIYJdBkSh/LQo/ZkB4tMnDNvqrR6Gui+mHvcTkIIDguU6V91v
0Z0Z1vaF0C00/xvXW3RBS9IxFIJ7Hy+iox+b7l5GPcg4oZSMOXGZa7UqeFehCrM=
=oRYu
-----END PGP PUBLIC KEY BLOCK-----
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Lunes, 22 de Noviembre de 1999 11:18 a.m.
To: [EMAIL PROTECTED]
Subject: Re: Browser Question
From: Vince R Grande <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Browser Question
Date sent: Fri, 19 Nov 1999 18:05:18 -0500
Did you allow nbt traffic between the internal network and the dmz
(port 135 through 139)?
> I have Firewall-1 installed on a WindowsNT server with 3 nic cards and
a DMZ
> zone. The DMZ zone contains our web server in a Workgroup instead of
the
> Domain. The Firewall is also setup this way(in the same WorkGroup).
The
> problem I'm having is the WorkGroup does not show in the Network
> Neighborhood. The reason I want to do this is so local users on the
internal
> net can upload HTML files to the Web server(I hope this is a safe
option).
> Does anyone know why the Workgroup(and web server) will not appear in
the
> Network Neighborhood? I've added the web server to WINS but the
problem
> still exists. I was able to located the server though the FIND
COMPUTER via
> Windows.
>
> Thank you in advance,
>
> Vince Grande
> [EMAIL PROTECTED]
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
mfg / yours
Ingo Hiepler
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
smime.p7s
