Solved

Giving DUN users access IIS WEB server but not downstream SQL server.

Posted on 2006-07-06
3
199 Views
Last Modified: 2013-12-04
HI Brainies
I need to provide security protection to our system. ( All Microsoft software )
 I wish ....  DUN users to  connect to  a RAS server with IIS. This server gets its data for ASP pages from a SQL server. How do I allow these DUN users to only see web pages with no security issue with  them stuffing up the downstream SQL server.
 I assume also I cannot do all this on the one box from a security point.

Thanks in advance
Rodney
0
Comment
Question by:comerro1
  • 2
3 Comments
 
LVL 37

Expert Comment

by:bbao
ID: 17066888
on your RAS server, assign a dedicated subnet for those DUN users with no default gateway assigned, so all the DUN users will only access this separated subnet (e.g. 192.168.1.x). the IIS web server of course needs to assigned a fixed IP on this subnet too. the IIS server may be a multihome host, which connects another subnet (e.g. 192.168.2.x) on where the SQL server stays.

the topology diagram may be as follows:

DUN users -> (PBX) -> RAS server <-> DUN subnet <-> IIS <-> SQL subnet <-> SQL server
                                                         192.168.1.x                    192.168.2.x

hope it helps,
bbao
0
 

Author Comment

by:comerro1
ID: 17069427
Hi Bbao
Do I load 2 ips on the 1 NIC or use 2 NICs in the RAS box?

Rodney
0
 
LVL 37

Accepted Solution

by:
bbao earned 500 total points
ID: 17070017
2 IPs on the same NIC shoud be OK but not recommended because 1) security considerations 2) compatibility.
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
How to organize and manage AD group? 10 66
PGP key : industry standard 2 71
Can we get infected by copying & pasting 6 184
Risks of using Camtasia Studio 9 51
In today's information driven age, entrepreneurs have so many great tools and options at their disposal to help turn good ideas into a thriving business. With cloud-based online services, such as Amazon's Web Services (AWS) or Microsoft's Azure, bus…
The term "Bad USB" is a buzz word that is usually used when talking about attacks on computer systems that involve USB devices. In this article, I will show what possibilities modern windows systems (win8.x and win10) offer to fight these attacks wi…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question