Firewall Client and Internet

  • Thread starter Rajiv Khandelwal, M. D.
  • Start date
R

Rajiv Khandelwal, M. D.

Following the advice of gurus in the newsgroup, the internet connection has been removed from the SBS 2000 and terminated on a XP node. Kindly advise on the following:
1.. if the Microsoft Firewall Client is still required to be run on the XP hosting the internet connection?
2.. how does one update the virus definitions for the Norton Corporate Antivirus installed on the SBS 2000?
Thanking you in anticipation.

Rajiv Khandelwal
 
R

Rajiv Khandelwal, M. D.

Susan,

Thanks for your reply. I have two NIC cards on the XP and one NIC is for the
internet through a EXE file provided by the ISP.

I had a problem with the internet terminating on my SBS 2000 and thereafter
this method has been used.

Rajiv Khandelwal
 
H

Henry Craven

Rajiv,

I'd suggest you install that ISP connector App on a cheap PC between your
ISP and the SBSserver's WAN NIC ( it will be the equivalent of a
FW/Router ).

You -do- need an aggressively effective and granular firewall so I'm
sure -no- responsible "Guru" or other poster in the SBS Newsgroups would
have told you to disable ISA in the absence of an equivalent in place
stand-in. ( and you have already suffered the consequences of such an
action ) In fact we -do- know different, (that you have been told this
time and again), don't we Rajiv ? ...so please don't post such nonsense
again. Others might believe you and find themselves hacked as you were,
.....and that would be very bad Karma.

--
Henry Craven.

========= Post It Appropriately: ============
SBS 4/4.5 : microsoft.public.backoffice.smallbiz
SBS 2000 : microsoft.public.backoffice.smallbiz2000
SBS 2003 : microsoft.public.windows.server.sbs
=====================================
 
H

Henry Craven

You may find this helpful.

Using Windows 2000 as a Home or Small Business Gateway

http://www.microsoft.com/technet/tr...nol/windows2000serv/deploy/depopt/w2kgate.asp

modify it to suite the SBS environment.
( DHCP Client only on the Gateway Box ( and only if your ISP assigns you
a Dynamic IP address, and the SBServer between the Box and the LAN
Switch/Hub )

--
Henry Craven.

========= Post It Appropriately: ============
SBS 4/4.5 : microsoft.public.backoffice.smallbiz
SBS 2000 : microsoft.public.backoffice.smallbiz2000
SBS 2003 : microsoft.public.windows.server.sbs
=====================================
 
R

Rajiv Khandelwal, M. D.

Henry,

I think that you have got everything wrong. Where have I mentioned that I
have disabled ISA or the Firewall?

What I am saying is that I have removed the internet connection from the SBS
2000.and put it on a node, which is what you are mentioning.

Rajiv Khandelwal
 
S

Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]

Yes and currently you have no ISA between you ....how are you sharing
that connection? And what firewall do you currently have in place? Is
this a satellite connection that comes into that XP that then should be
stuck in front of SBS2000?

If that XP is a member of the domain and is doing the sharing of the
Internet...what protection do you have?


Internet connection >> into the server >> workstations

Is the preferred way.. you sandwich that Server as protection between
teh Internet and the workstations


not

Internet connection >>into workstation >> shared to server/workstation


Dr. Khandelwal go to www.smallbizserver.net click on network setups. Is
there a reason that you cannot follow the setups on those pages?
 
S

Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]

I should say "is there a technical reason"?

Like some service or setup that won't run on the SBS or router?
 
H

Henry Craven

Humble apologies Rajiv.
I totally mis-read. ( ...and for the life of me now I can't see how as
you state things pretty clearly. I should definitely re-read and ensure
I've posted directly to the question before I send. Apologies again. )

So let me address this some more.

Placing the Internet connection on a node inside the LAN bypasses ISA and
makes you as vulnerable as being without it.

I'd definitely suggest you use the setup I described:

ISP
|
External NIC
Bridge/Router/Firewall
( can be a PC if needs be so as to - as in your case - host specific ISP
connection Application )
Internal NIC
|
WAN NIC
SBS with ISA Configured & Enabled
LAN NIC
|
Switch/Hub
| | | |
LAN Workstations.

So, to be specific to your questions,

1. As the PC Hosting the ISP's Connector is -outside- the LAN it does not
need the ISA Client

2. AFAIK Norton LiveUpdate uses FTP:
Outbound port: 21
Inbound port: 20

So you'll need to open ports 20 & 21 Appropriately in ISA

There used to be a problem with their using a POPproxy that had to have
port 110 open, but I'm not sure if that's still the case. - You may wish
to contact Symantec and check on these matters.

--
Henry Craven.

========= Post It Appropriately: ============
SBS 4/4.5 : microsoft.public.backoffice.smallbiz
SBS 2000 : microsoft.public.backoffice.smallbiz2000
SBS 2003 : microsoft.public.windows.server.sbs
=====================================
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Slow performance of XP node 2
Stopping synchronization of files 3
Windows Firewall 1
Applications and rights 1
Log on problem 3
Noton Antivirus Corporate Edition 9
Memory utilization by IE7 4
Folder redirection 6

Top