• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 471
  • Last Modified:

Webserver setup on Watchgaurd x700

Good Morning,

I need to setup a webserver that will be running an application that will allow my customers to have limited access to their records,create service calls,etc... The app points to my SQL server that holds the databases.

I have setup a new 2003 member server running IIS.

My question to you is what would be the best way to give the public access to this website using a firebox x700. Our support has lasped with them and they want $1000 to renew.

I have Firebox system manager up and running I'm just not fimilar with howto set this up.

Thanks a bunch.
  • 2
1 Solution
How many customers will be accessing this application?

One benefit of the Firebox is that you have the choice of using an HTTP proxy rule for incoming traffic, which although quite resource intensive, would seriously improve the security of your site by allowing you to restrict pattern paths and stop SQL injection attacks, etc...
You would need to add a HTTP service and allow incoming traffic on the service, the steps I am listing are for WSM/WFS 8.3.1 or higher with other versions the process would remain the same but the steps might differ. In Policy Manager, edit the HTTP proxy service [if not already added, then click Edit->Add policy; from Proxies select HTTP-proxy; click Add]; configure service as below:

In the From box, click Add-> select ANY; click Add; click OK

In the To box:
 click Add;
 click Add NAT; under external select the public IP address of your firebox external or WAN interface [if you have multiple public IPs and would like the incoming traffic on a different public IP then add it (if not already done so)]; under Internal IP, specify the internal IP address of the web server; if you are hosting the web server internally on port other than 80, then click "Set internal port to a different port than this policy" checkbox and specify the port number; otherwise leave the checkbox unchecked.

Click OK all the way back. Save settings to firebox and now incoming HTTP connections would be allowed.

If you have trouble allowing incoming connections please let me know which exact WSM version you have, and would list specific steps for you.

Please implement and update.

Thank you.
macookAuthor Commented:
Thanks for you help. Sorry I am just not Accepting I thought I took care of this a while back. I was able to get everything up and running.
Good to know that everything is working fine.

Thank you for A grade.

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now