
Create Virtual Directory from DMZ to LAN

Author
3 Oct 2006 12:19 PM
gstar
Hi,
I have a Windows 2000 server [IIS5] inside a DMZ with no access onto
the LAN except required ports [SQL etc]. The LAN server is part of a
Windows 2003 domain while the IIS machine is non-domain. I need to
upload files from our website and after trying to create the Virtual
Directory ran into some problems.

1 - Which firewall port do I need to open to allow access from DMZ to
LAN and how safe is it opening this port?

2 - How can I add ACL settings for the non-domain machine into shared
directory on the domain machine?

3 - Am I approaching this incorrectly, and a better method exists?

Regards

Gary

Author
3 Oct 2006 2:50 PM
Leythos
In article <1159877994.332845.256***@b28g2000cwb.googlegroups.com>,
gary.br***@gmail.com says...
> Hi,
> I have a Windows 2000 server [IIS5] inside a DMZ with no access onto
> the LAN except required ports [SQL etc]. The LAN server is part of a
> Windows 2003 domain while the IIS machine is non-domain. I need to
> upload files from our website and after trying to create the Virtual
> Directory ran into some problems.
>
> 1 - Which firewall port do I need to open to allow access from DMZ to
> LAN and how safe is it opening this port?
>
> 2 - How can I add ACL settings for the non-domain machine into shared
> directory on the domain machine?
>
> 3 - Am I approaching this incorrectly, and a better method exists?

Allowing File Sharing from DMZ to LAN means you have no security.

SQL Data is TCP 1433 only, and you would use SQL Authentication mode,
not Windows Authentication mode.

Instead of file sharing, do FTP and then pass it through from DMZ/LAN or
LAN to DMZ.


--

spam999free@rrohio.com
remove 999 in order to email me
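
The reply above, turned into a rule-set check as an added example (not written by either poster): it flags DMZ-to-LAN allow rules that expose Windows file sharing and treats TCP 1433 as the only expected port. The one-line rule format, the sample rules and the list of file-sharing ports (TCP 445/139, UDP 137/138) are assumptions added here, not taken from the thread.

```python
# Added example: audit DMZ-to-LAN firewall rules for Windows file-sharing ports.
# The one-line rule format "src dst proto ports action" is an assumption made
# for this sketch; it is not any firewall vendor's syntax.

FILE_SHARING = {  # ports used by Windows file sharing (SMB / NetBIOS)
    ("tcp", 445): "SMB",
    ("tcp", 139): "NetBIOS session",
    ("udp", 137): "NetBIOS name",
    ("udp", 138): "NetBIOS datagram",
}
EXPECTED = {("tcp", 1433)}  # SQL Server, the only DMZ-to-LAN port named in the thread

def port_range(spec):
    """Parse '1433', '135-139' or 'any' into an inclusive (low, high) pair."""
    if spec == "any":
        return 1, 65535
    low, _, high = spec.partition("-")
    return int(low), int(high or low)

def audit(rules):
    """Return (rule_number, verdict, detail) for each risky DMZ-to-LAN allow rule."""
    findings = []
    for number, rule in enumerate(rules, start=1):
        src, dst, proto, ports, action = rule.split()
        if (src, dst, action) != ("dmz", "lan", "allow"):
            continue  # only allow rules pointing into the LAN matter here
        low, high = port_range(ports)
        protos = ("tcp", "udp") if proto == "any" else (proto,)
        exposed = [f"{p}/{port} {name}" for (p, port), name in FILE_SHARING.items()
                   if p in protos and low <= port <= high]
        if exposed:
            findings.append((number, "file-sharing", exposed))
        elif low != high or any((p, low) not in EXPECTED for p in protos):
            findings.append((number, "unexpected", [f"{proto}/{ports}"]))
    return findings

# Constructed sample rule set, not taken from the poster's firewall.
SAMPLE_RULES = [
    "dmz lan tcp 1433 allow",     # SQL traffic: expected
    "dmz lan tcp 445 allow",      # direct SMB
    "dmz lan udp 135-139 allow",  # range that covers NetBIOS
    "lan dmz tcp 21 allow",       # FTP initiated from the LAN side: out of scope
    "dmz lan tcp 8080 allow",     # not file sharing, but not on the expected list
    "dmz lan any any allow",      # allow-all swallows everything
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_RULES):
        print(finding)
```
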
Author
4 Oct 2006 7:51 AM
gstar
Hi there and thanx for the reply..

> Allowing File Sharing from DMZ to LAN means you have no security.

As I thought, but I need to achieve this to stop the IIS box becoming a
fileserver.

> Instead of file sharing, do FTP and then pass it through from DMZ/LAN or
> LAN to DMZ.

Can you please expand on methods to achieve this? Currently we utilise
standard ASP code to upload files from any browser to our IIS server
directory. Besides the fact this will outgrow the server, I want to
retain IIS for that purpose only.

Are you saying FTP from DMZ to LAN?

Thanx

Gary