Announcement

Collapse
No announcement yet.

Connecting to Webserver in DMZ

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Connecting to Webserver in DMZ

    Everyone,

    I am hoping you can provide me with some guidence on this one. I am looking for the best way to work with a web server in the DMZ from my trusted network.

    In an attempt to be more secure he networks are on two different classes of network and the DMZ web server is not a part of the domain. The trusted is a class B subnet while the DMZ is a Class C network.

    I am trying to find the best way to control the web server from a computer within the trusted network. I have read the dangers of opening up the web server to terminal services but that is the only route I can think of to take control of this computer from off-site.

    Can anyone suggest a better way to connect to this web server? The only half-decent idea I have had is to setup a VPN to the DMZ and then do and RDP.

    Ideas???

  • #2
    Re: Connecting to Webserver in DMZ

    Hi!

    If you use Cisco PIX or ASA you can open route from secure internal network to DMZ server by port 3389 and nobody can access to port 3389 to DMZ from Internet. You don't need to add role of Terminal Server for getting access to DMZ Web Server.
    Best regards,

    Look before you leap!

    MCSA 2003, MCDBA 2000
    IT Consultant.

    Comment


    • #3
      Re: Connecting to Webserver in DMZ

      Ok so if I open port 3389 from trusted to optional interfaces how do I get on to the other network's IP range? The trusted subnet is 172.xxx.xxx.xxx and the optional is 192.xxx.xxx.xxx?

      Could I just put in the IP of the optional interface on my firebox and have port 3389 forwarded to the web server? Or do I put in the IP of the web server and it will figure out to use the optional port???

      thanks

      Comment


      • #4
        Re: Connecting to Webserver in DMZ

        You just open access from internal network to DMZ network through 3389, you can use mstsc.exe for access to DMZ web server.
        Best regards,

        Look before you leap!

        MCSA 2003, MCDBA 2000
        IT Consultant.

        Comment

        Working...
        X