
DMZ Question


jurgen

Programmer
Feb 8, 2001
209
BE
I need to set up a DMZ zone because we have 2 servers that need to be accessed from the world and our own LAN. But no one from the world may access our LAN.

Is it possible to have 1 AD controller in our LAN that controls the users on the DMZ servers, or do I need to set up the users as local users on the DMZ servers?

Do we have to make a separate domain for the DMZ servers?

Can anyone help me set up a DMZ with Windows 2003 Servers?

Regards Jurgen


 
Typically, to further protect your internal LAN from the Internet, people install DMZ servers in workgroups. You can create a special domain in the DMZ if you need multiple servers to act with the same security user names and passwords. However, having the DMZ servers acting as stand-alone servers is OK in most cases. Many people put web servers in DMZs for public access. Therefore, these servers don't need to be in a domain.

The function of these servers in the DMZ will dictate whether a domain is needed.

Joseph L. Poandl
MCSE 2003

If your company is in need of experts to examine technical problems/solutions, please check out (Sales@njcomputernetworks.com)
 
So if I go this way, it means that I have to define local users if some persons need access to an FTP server.

How about DNS if I want to have where do I define this?
 
Yes, for an FTP server you are safer to install this as a stand-alone server (no domain).

To define you will have to register the domain name website.com with Internic on the web. You can contact your ISP provider and they can do this for you. Or you can go to a generic domain registration company on the internet like JDHOST.com to register your domain name.

You will have to call your ISP to register a public IP address to have this point to the web server of your company.

Call the ISP and ask them to register an A record for you. Something like this:

A RECORD for DNS:

65.43.21.34

(Where the public IP address of your web server.)

-hope this helps...



Joseph L. Poandl
MCSE 2003

 
Sorry, it was a little bit malformed.

I've registered the domain and everything works, but my question is: I have different servers that have to be accessed, one is and the other is both have to be accessible and I have only one public address.

JJ
 
Oh...because you only have one public IP address and I'm guessing TWO servers, you will have to create Firewall RULES to point traffic the right way.

For example, if one server is a WEB server and the other server is an FTP server you can create these rules on your firewall:

Allow port 80 to "Webserver IP"
Allow port 21 to "FTP server"

When someone from the internet types they will be redirected to the Webserver (This uses port 80)

When someone from the internet types FTP:\\ they will be redirected to the FTP server. (This uses port 21)

So the same public IP address and DNS A record can be used to point to two different servers.

Joseph L. Poandl
MCSE 2003
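
The port-forwarding rules described in the reply above, modelled as a table and checked against the thread's requirement that nothing from the Internet reaches the LAN. This is an added example, not part of the original posts; the LAN and DMZ subnets and the FTP server address are assumed, and `route_inbound` and `audit` are hypothetical helper names.

```python
import ipaddress

# Constructed addressing (assumption): the thread only gives 192.168.0.201
# for the IIS server; everything else here is illustrative.
LAN = ipaddress.ip_network("192.168.1.0/24")   # hypothetical internal LAN
DMZ = ipaddress.ip_network("192.168.0.0/24")   # hypothetical DMZ subnet

# Forwards on the single public IP: public TCP port -> (internal host, port)
FORWARDS = {
    80: ("192.168.0.201", 80),   # web server (IIS)
    21: ("192.168.0.202", 21),   # FTP server (hypothetical address)
}

def route_inbound(dst_port, forwards=FORWARDS):
    """Return the (host, port) an inbound connection is sent to, or None if dropped."""
    return forwards.get(dst_port)

def audit(forwards, expected_ports=frozenset({80, 21})):
    """Return findings for forwards that break the DMZ design in the thread."""
    findings = []
    for pub_port, (host, _) in sorted(forwards.items()):
        addr = ipaddress.ip_address(host)
        if addr in LAN:
            findings.append(f"port {pub_port}: target {host} is on the LAN")
        elif addr not in DMZ:
            findings.append(f"port {pub_port}: target {host} is outside the DMZ")
        if pub_port not in expected_ports:
            findings.append(f"port {pub_port}: not an expected public service")
    return findings

if __name__ == "__main__":
    # Both services share one public IP; the destination port picks the server.
    for port in (80, 21, 3389):
        print(port, "->", route_inbound(port))
    # A rule set with an extra forward into the LAN is flagged twice.
    risky = {**FORWARDS, 3389: ("192.168.1.10", 3389)}
    for finding in audit(risky):
        print("FINDING:", finding)
```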

 
An extra question: I've configured IIS. A person on the forum of IIS told me that it is best not to use the default site, but to create separate sites in IIS.

So I did this and it works. My question is:

My server 192.168.0.201\companysite is my location of the web. Do I need to adjust the firewall to point to this or use host headers in IIS to redirect?

Jurgen
 
I think the host headers will redirect for you. You just need to make sure that the firewall redirects to your IIS servers (on port 80).



Joseph L. Poandl
MCSE 2003
