Re: [FW-1] OWA Outlook Web Access in DMZ...need access to Active Directo

Subject:	Re: [FW-1] OWA Outlook Web Access in DMZ...need access to Active Directory...
From:	Sergio Alvarez <seralvar AT GMAIL DOT COM>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Mon, 18 Dec 2006 20:39:21 -0600

When you say "no errors are reported from the fw", what exactly do you mean?
Is the traffic from the OWA to the AD Domain Controller not shown at all or
is it that it passes through without causing any drops shown in the logs?

Most likely you need to open several of the ports MS normally uses... maybe
somebody else in the group is more familiar with MS networking than me and
might give you more details on that, but what I usually do when I need to
pass traffic that I am not very familiar with is either check and see what
ports are blocked and open them or create a full access rule between both
machines and see if the connection works, if it does, then check the
required ports and narrow down the rule to then. If even with an open
(accept any any) between box boxes the traffic does not go through, then
most likely you have an issue related with SmartDefense.

Hope this helps.

Regards


On 12/18/06, no-need to-list <ogos69 AT yahoo DOT com> wrote:


Hello Everyone...
Has anyone deployed OWA  Outlook Web Access in DMZ ?,
it need access to MS active directory, no errors are reported from the FW
(r55-hfa18), but still is unable to talk to MS Active directory.
What is the best way to deploy this?
Regards...

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around
http://mail.yahoo.com

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================




--
Sergio Alvarez
(506)8301342

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] OWA Outlook Web Access in DMZ...need access to Active Directory..., no-need to-list Re: [FW-1] OWA Outlook Web Access in DMZ...need access to Active Directory..., Sergio Alvarez <= Re: [FW-1] OWA Outlook Web Access in DMZ...need access to Active Directory..., Hugo van der Kooij Re: [FW-1] OWA Outlook Web Access in DMZ...need access to Active Directory..., Ray Re: [FW-1] OWA Outlook Web Access in DMZ...need access to Active Directory..., no-need to-list Re: [FW-1] OWA Outlook Web Access in DMZ...need access to Active Directory..., Ray

Previous by Date:	[FW-1] OWA Outlook Web Access in DMZ...need access to Active Directory..., no-need to-list
Next by Date:	Re: [FW-1] OWA Outlook Web Access in DMZ...need access to Active Directory..., Hugo van der Kooij
Previous by Thread:	[FW-1] OWA Outlook Web Access in DMZ...need access to Active Directory..., no-need to-list
Next by Thread:	Re: [FW-1] OWA Outlook Web Access in DMZ...need access to Active Directory..., Hugo van der Kooij
Indexes:	[Date] [Thread] [Top] [All Lists]