Webserver setup on Watchgaurd x700

Posted on 2007-09-28
Last Modified: 2013-11-16
Good Morning,

I need to setup a webserver that will be running an application that will allow my customers to have limited access to their records,create service calls,etc... The app points to my SQL server that holds the databases.

I have setup a new 2003 member server running IIS.

My question to you is what would be the best way to give the public access to this website using a firebox x700. Our support has lasped with them and they want $1000 to renew.

I have Firebox system manager up and running I'm just not fimilar with howto set this up.

Thanks a bunch.
Question by:macook
    LVL 13

    Expert Comment

    How many customers will be accessing this application?

    One benefit of the Firebox is that you have the choice of using an HTTP proxy rule for incoming traffic, which although quite resource intensive, would seriously improve the security of your site by allowing you to restrict pattern paths and stop SQL injection attacks, etc...
    LVL 32

    Accepted Solution

    You would need to add a HTTP service and allow incoming traffic on the service, the steps I am listing are for WSM/WFS 8.3.1 or higher with other versions the process would remain the same but the steps might differ. In Policy Manager, edit the HTTP proxy service [if not already added, then click Edit->Add policy; from Proxies select HTTP-proxy; click Add]; configure service as below:

    In the From box, click Add-> select ANY; click Add; click OK

    In the To box:
     click Add;
     click Add NAT; under external select the public IP address of your firebox external or WAN interface [if you have multiple public IPs and would like the incoming traffic on a different public IP then add it (if not already done so)]; under Internal IP, specify the internal IP address of the web server; if you are hosting the web server internally on port other than 80, then click "Set internal port to a different port than this policy" checkbox and specify the port number; otherwise leave the checkbox unchecked.

    Click OK all the way back. Save settings to firebox and now incoming HTTP connections would be allowed.

    If you have trouble allowing incoming connections please let me know which exact WSM version you have, and would list specific steps for you.

    Please implement and update.

    Thank you.
    LVL 1

    Author Closing Comment

    Thanks for you help. Sorry I am just not Accepting I thought I took care of this a while back. I was able to get everything up and running.
    LVL 32

    Expert Comment

    Good to know that everything is working fine.

    Thank you for A grade.

    Featured Post

    Top 6 Sources for Identifying Threat Actor TTPs

    Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

    Join & Write a Comment

    If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
    This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
    This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

    745 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    14 Experts available now in Live!

    Get 1:1 Help Now