I'm new to this, so if my plan is incorrect please let me know...
I am deploying my first firewall. I plan to put my webserver, name servers, and mail server in the DMZ (orange) and my workstations, mail filter, and Exchange server (SBS with Domain control) in the LAN (green).
I already tried this once, but I'm starting over after being unable to completely understand what pinholes need to be open between the Windows-based web server and the domain controller so that I can log into the web server via remote desktop or access the web server's shared folders. I looked around online and it seems like there are all kinds of ports that Windows uses, but I don't want to open them all unless I have to.
Also, does anyone know of a way to allow for Outlook Web Access with this configuration, or will I have to move my Exchange server (SBS) into the DMZ?
I'm using IPCop now, but may move to a M0n0wall.
I'm here to learn - if I'm doing something moronic please let me know in a manner that allows me to do so. Thanks,
Richard