ICS/Windows firewall vs Remote Access and Routing

Discussion in 'Windows Small Business Server' started by Tim, Oct 9, 2005.

  1. Tim

    Tim Guest

    Hi,

    I have a server setup with basically the deafult installation.

    Howeber Windows Firewall is turned off, as it cannot be used with RRAS. Is
    thisagood configuration, as I belive my MsSQL database is being attacked, so
    I would like to remove access to it form external clients.

    Is there anyway to have both Windows Firewall and RRAS working? and what
    exactly does RRAS do?

    Any help appreciated.
    Tim
     
    Tim, Oct 9, 2005
    #1
    1. Advertisements

  2. RRAS is basically the routing engine of the Server, it can perform many
    services such as VPN, Remote Access nd NAT services to the network, (Assume
    this is SBS standard, SBS Prem. has an additional software much more
    configurable calles ISA, this still uses RRAS for its Routing and VPN
    features but provides more detailed control of the features and services.

    If you check out the NAT side of RRAS you will find some Firewall features
    present there.

    I hope you are using a DUAL Network card setup for this server?


    TT
     
    TimeTraveller, Oct 9, 2005
    #2
    1. Advertisements

  3. Tim

    Tim Guest

    Hi,

    Yes I'm using two Netwrok Cards, I don't think i need RAS, as for my current
    configuration all client computers connect via a router, this is a temporary
    setting clearly, as I understand RRAS just acts like a software router, so
    as I have ahardware router attc=ached to alll clients I could by-pass it?!

    I understand that would not be recommended, but this isn't a 'live'
    enviroment.

    Tim
     
    Tim, Oct 9, 2005
    #3
  4. I would suggest still using RRAS behind your router setup

    LAN > SBS > 2nd NIC > Router

    Client PCs will use the SBS server as the internet Gateway, this is a better
    practice - obviously you will have some form of firewall on the Router
    itself, using the NAT and its firewalling features will give an added
    security layer and also help you adhere to SBS good practices in the
    process.

    If you have a Single Internet IP (maybe even dynamic) then this can still be
    achieved


    SBS NIC 1(LAN) 192.168.0.2 NIC2 (internet) 10.0.0.2 Router 10.0.0.1(LAN
    SIDE)


    TT
     
    TimeTraveller, Oct 9, 2005
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.