look at the drops between your web-server and the sql-server and open the required ports.
cheers reinhard
At 12:44 16.10.2003, you wrote:
Hello Everybody,
I need help.
AA. We have a FW-1 FP-3 on Win2k running fine. We have a Win2k Server(Global IP- static NAT, Workgroup) on the DMZ which is required to connect to a database server(Win SQLServer 2K) on the Internal Net (Hide NAT). The connection process is as follows: External (Internet)-------> FW------>WebServer(DMZ)------>FW------>Database Server(Internal) and back.
BB. If the relavent rules are as follows, everything runs absolutely fine and there is no problem
1. Any Webserver any http/https accept log 2. Webserver Internal any any accept log
CC. I do not want to allow all services from the WebServer(DMZ) to the Internal Net for obvious reasons. Rule 1 is OK. In Rule 2, I have tried to restrict the services to microsoft-ds instead of 'any' . Immediately thereafter connections to the Webserver are lost.
I would be grateful for any help. Thanks in advance.
Guri
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
-- !! NEUE SNAIL-MAIL-ADRESSE !! Reinhard Stich, ASSIST [EMAIL PROTECTED] Internet Security AG, 1150 Wien, Johnstrasse 29 Tel: +43 1 3709440 RS784-RIPE Fax: +43 1 3709440-10
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
