On 5/1/05, Jason Gomes wrote:
> What is the preferred placement for a OWA front-end server given these
> two possible network configurations and why?
> 1) [Internet] <=3D=3D> [PIX Firewall] <=3D=3D> [ISA Proxy] <=3D=3D> [PIX =

> <=3D=3D> [OWA] <=3D=3D> [Internal Net w/Exchange Svr]
> 2) [Internet] <=3D=3D> [PIX Firewall] <=3D=3D> [ISA Proxy] <=3D=3D> [OWA]=

<=3D=3D> [PIX
> Firewall] <=3D=3D> [Internal Net w/Exchange Svr]
> Notes:
> The ISA server is performing a reverse proxy for HTTPS connections.
> In #1, the backend firewall will only allow port 443 through to OWA.
> In #2, all ports required for OWA to communicate with the internal
> exchange server is allowed.

What type of clients? Road warrior employees with laptops? If so, how abou=

3) Verified client with proprietary VPN client and AES 256 -> Big bad
Innernat -> Firewall only allowing connections from proprietary VPN
client -> ISA Proxy -> OWA & Exchange

firewall-wizards mailing list