Create Virtual Directory from DMZ to LAN

Create Virtual Directory from DMZ to LAN

am 03.10.2006 14:19:54 von gstar

Hi,
I have a Windows 2000 server [IIS5] inside a DMZ with no access onto
the LAN except required ports [SQL etc]. The LAN server is part of a
Windows 2003 domain while the IIS machine is non-domain. I need to
upload files from our website and after trying to create the Virtual
Directory ran into some problems.

1 - Which firewall port do I need to open to allow access from DMZ to
LAN and how safe is it opening this port?

2 - How can I add ACL settings for the non domain machine into shared
directory on the domain machine?

3 - Am I approaching this incorrectly, and a better method exists?

Regards

Gary

Re: Create Virtual Directory from DMZ to LAN

am 03.10.2006 16:50:26 von unknown

Post removed (X-No-Archive: yes)

Re: Create Virtual Directory from DMZ to LAN

am 04.10.2006 09:51:54 von gstar

Hi there and thanx for the reply..

> Allowing File Sharing from DMZ to LAN means you have no security.

As I thought, but I need to achieve this to stop the IIS box becoming a
fileserver.

> Instead of file sharing, do FTP and then pass it through from DMZ/LAN or
> LAN to DMZ.

Can you please expand on methods to achieve this? Currently we utilise
standard ASP code to upload files from any browser to our IIS server
directory. Besides the fact this will out grow the server, I want to
retain IIS for that purpose only.

Are you saying FTP from DMZ to LAN?

Thanx

Gary