Firewall questions > Small Business Server Support Forum

ForumsSurveysChat

Support

Forum

Download

About

Registered users

	Membership:
	Latest:Ron Ang
	New Today:9
	New Yesterday:5
	Overall:23401

Private messaging

You must be logged in to use this module.

Top 10 posters

Name	Posts
Mariette Knap	12949
Marina Roos	12626
Eriq Neale	2117
Stan Guinn	1917
Michael Patrick	1914
Robert Pearman	1784
Nick Pieters	1425
william warren	634
Stewart Brown	620
Kevin D.	579

Articles

»	Antivirus
»	Backup and restore
»	BlackBerry
»	Branch offices
»	Configuring routers
»	CRM
»	Exchange Server 2000
»	Exchange Server 2003
»	Exchange Server 2007
»	ISA Server 2000
»	ISA Server 2004
»	Macintosh integration
»	Network configuration
»	Planning and installing your SBS server
»	Press releases
»	Project server
»	Public articles
»	Remote Access
»	SBS 2000
»	SBS 2003
»	SBS 2003 R2
»	SBS 2008
»	Securing your SBS 2003 network
»	Server issues
»	Service Packs
»	Sharepoint
»	SQL 2000
»	SQL 2005
»	SQL 2008
»	Subscriber articles
»	Terminal Servers
»	Third party solutions
»	Windows SBS 2003 to 2008 Migration Guide
»	Workstations

View all articles

Welcome unauthorized visitor

If you want to join us in the discussions on this forum you need to register first. Registration is free! If you are already a registered user please login to join the forum.

Small Business Server Support Forum

Unanswered Active Topics

Forums Search

Forums > Microsoft Small Business Server 2003 & 2000 > Small Business Server 2003

Subject: Firewall questions

Prev Next

You are not authorized to post a reply.

Author

Messages

Lianne Gaunt User is Offline

United States
Member since
5/19/2006

Platinum Membership
Posts: 59

8/22/2008 08:03 PM
We currently use SBS2k3 premium with ISA server. I am getting ready to install a Cisco 5505 firewall between the server and our DSL modem. I am planning to continue to use the SBS as the DHCP server and no the firewall. I believe I know which ports to make sure are open so I can continue to use the services we currently use (OWA, RWW, etc.). Can anyone tell me if I am likely to run into conflicts between ISA rules and the firewall. I am not sure if I should disable my custom rules in ISA and just use the firewall to control or both. My understanding from my ISP is that once I clear the DSL modem then it basically acts as a bridge and all traffic is forwarded straight to the firewall. I am a little nervous about this and want to try to anticipate any problems that might arise. Any thoughts or suggestions on any of the above would be much appreciated. Thanks.

Stan Guinn User is Offline

Texas, USA
Member since
12/29/2005

Platinum Membership
Posts: 1917

8/23/2008 04:48 AM
Hi Lianne, I think if I was deploying a Cisco 5505 I would proabaly remove ISA and go to a 1 NIC configuration behind it.

Lianne Gaunt User is Offline

United States
Member since
5/19/2006

Platinum Membership
Posts: 59

8/25/2008 10:41 PM
Thanks Stan. Your suggestion makes sense and it sounds like that is how we will be doing it when we upgrade to 2008 next year. Will the Cisco work with ISA if I decide not to remove ISA from this server. I was really hoping to just put the Cisco firewall between the DSL modem and the external NIC on the server, configure the ports I needed and hopefully all would work and I wouldn't have to explain why we no longer had Internet access.

Marina Roos User is Offline

The Netherlands
Member since
3/24/2005

Forum Admins
Posts: 12626

8/26/2008 12:36 AM

Hi Lianne,

What kind of custom ISA rules do you have? ISA will work with 2 nics and a Cisco firewall. You will just have to forward the ports to the external nic from the Cisco that you want to use, like 25 for SMTP, 443, 4125. If you want Companyweb accessible from outside, add 444.

Marina Roos Smallbizserver.Net Administrator

Mission accomplished. We have joined the branch office to our SBS 2003 Headquarters and have the same user experience on the branch office as we have on our local network at the Headquarters. Want to know how? Signup up for a subscription and get instant access to the article series 'How to add an additional Domain Controller from a remote office to the SBS domain'

Lianne Gaunt User is Offline

United States
Member since
5/19/2006

Platinum Membership
Posts: 59

8/26/2008 05:27 PM
Hi Marina, Many of our rules are old ones that came over with ISA 2000 and are outdated. We also have rules for WSUS and Trend. But mostly the rules are ones created by SBS. I have never spent much time adding/removing or customizing the existing rules. I am thinking that as long as I forward the same ports from the Cisco to the external NIC that I had our ISP open for us that we should be ok. Thanks.

Stan Guinn User is Offline

Texas, USA
Member since
12/29/2005

Platinum Membership
Posts: 1917

8/27/2008 02:06 AM
IMHO, your assumptions are accurate. You should be OK. If anything cropped up I would geuss it would be a minor port routing issue. If you really are going to upgrade to SBS 2008 next year, I probbaly wouln't even bother mucking around with trying to remove ISA. Probably not worth the hassle.

Lianne Gaunt User is Offline

United States
Member since
5/19/2006

Platinum Membership
Posts: 59

8/28/2008 07:39 PM
Thanks. That is what I was hoping to hear. Hopefully all will go well.

You are not authorized to post a reply.

Forums > Microsoft Small Business Server 2003 & 2000 > Small Business Server 2003 > Firewall questions

ActiveForums 3.7

Forum policy

These Discussion Forums are dedicated to the discussion of the Small Business Server and related server and client software. For the benefit of the community please observe the following posting guidelines:

No Advertising. This includes promotion of commercial products and non-commercial products which are not directly related to Small Business Server and related server and client software.
No Flaming or Trolling.
No Profanity, Racism, or Prejudice.
Site Moderators have the final word on approving/removing a thread or post or comment.