Networking Forums
Home Register Members Search Links
Member Login:

Networking Forums > Computer Networking > Windows Networking > My best Option??

Reply
Thread Tools Display Modes

My best Option??

 
 
josh
Guest
Posts: n/a

 
      08-31-2004, 08:07 PM
I have a windows 2003 server sitting on my DMZ. Single
Nic. Lets say its 172.20.1.10. I want to create a share on
it, that a few people on my internal network can access.
My internal network is a 10.20.1.x.

Now I have a server running windows 2000 advanced and it
has dual nics, 1 nic on my dmz and 1 on my internal nic.
Its my unit that does my back-ups and sees both networks
no problem.

Now what would be the easiest way to access a share on my
2003 server sitting on the DMZ from my internal network?
Could I route trough my 2000 advanced server or should i
mess with my firewall?

Anyone...explain what you think i should do.
 
Reply With Quote
 
 
 
 
Jeff Cochran
Guest
Posts: n/a

 
      09-02-2004, 03:45 PM
On Tue, 31 Aug 2004 13:07:56 -0700, "josh"
<(E-Mail Removed)> wrote:

>I have a windows 2003 server sitting on my DMZ. Single
>Nic. Lets say its 172.20.1.10. I want to create a share on
>it, that a few people on my internal network can access.
>My internal network is a 10.20.1.x.
>
>Now I have a server running windows 2000 advanced and it
>has dual nics, 1 nic on my dmz and 1 on my internal nic.
>Its my unit that does my back-ups and sees both networks
>no problem.
>
>Now what would be the easiest way to access a share on my
>2003 server sitting on the DMZ from my internal network?
>Could I route trough my 2000 advanced server or should i
>mess with my firewall?
>
>Anyone...explain what you think i should do.

You have two routes between your DMZ and LAN. That means you have to
secure both of them from attack. That doubles your chances of a
mistake, as well as doubles the attack vector. You should *never*
bypass the firewall as you've done with your backup system.

Jeff
 
Reply With Quote
 
Phillip Windell
Guest
Posts: n/a

 
      09-02-2004, 04:24 PM
"Jeff Cochran" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> >Now what would be the easiest way to access a share on my
> >2003 server sitting on the DMZ from my internal network?
> >Could I route trough my 2000 advanced server or should i
> >mess with my firewall?

The best way is to not do it at all. "Shares" are for LANs, not for DMZs.

Use FTP to work with the files. You would connect to it with FTP just as you
would any machine on the Internet from the LAN. Even FTP isn't the most
secure thing in the world, but it is certainly better than what you are
proposing.

Your backup design is also a problem as Jeff indicated. You should install
a Tape Drive in the machine itself and do backups locally with its own tape
drive.

--

Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
 
Reply With Quote
 
 
 
Reply

« Slow File Transfer. Please help. | Phantom PC In Network Neighbourhood »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
What's The Right Option Mr. JYC Windows Networking 2 07-01-2008 12:57 AM
is rdp through vpn the only option? TDR Windows Networking 4 11-12-2006 10:41 PM
Add option 82 to DHCP. Jaycee Windows Networking 2 10-06-2005 12:19 PM
Option 4 Exchange smallholder Broadband 3 12-15-2004 10:32 PM
option 129 & DHCPD oldandgrey Linux Networking 0 01-05-2004 08:47 PM


Forum Software Powered by vBulletin®, Copyright Jelsoft Enterprises Ltd.
SEO by vBSEO 3.3.2 ©2009, Crawlability, Inc.
Contact Us - Archive - Privacy Statement - Top

1 2 3 4 5 6 7 8 9 10 11