03-20-2007 06:03 PM - edited 03-11-2019 02:49 AM
I would like to find out on what is the best practice on setting up Windows Media Server on DMZ. I am trying to setup a WMS server on the DMZ and would like this DMZ server to communicate with my SQL server on my internal network. Below is my configuration.
03-20-2007 09:56 PM
03-21-2007 06:14 AM
Whats wrong with it? Looks ok to me.
03-21-2007 07:00 AM
the DMZ server cant get to my SQL server on my internal network. the other thing im concern is, is this a best practice in allowing DMZ traffic to my internal network? i just want to get some idea.
thanks
03-21-2007 07:00 AM
yeah.the configuration is absolutely fine.
and you have followed the best practices. :)
static is there for the translation purpose between the inside and dmz.
on the dmz interface,there's an access-list which permits the sql data to inside,then there's a deny which denies the rest of the traffic to inside and then there's a permit ip any any for internet access in dmz.
good approach.
let us know if there's any specific question/issue/concern that you might have
Regards,
Sushil
Cisco TAC.
03-21-2007 06:58 AM
expect
03-21-2007 07:02 AM
hi,
could you please attach the syslogs generated while you attempt to connect to the sql server in inside.
the config. is ok.
Regards,
Sushil
Cisco TAC.
04-12-2007 04:53 PM
Thanks. The question that was raised was: by allowing communication from dmz to the sql server, someone can potentially break or hack into my inside network via the dmz. What they also want to do is to have this DMZ server have Internet capability for Windows patching. i am not sure if im in favor in doing this. please advise.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: