RE: [WhatsUp Forum] Web access through a firewall

[Whatsup]

I do the same as PJ in   that I use a special port and only let that be accessed from managed sites. I further use Client Authentication via Checkpoint for other sites and VPN Client acccess for those that have it.   IanC -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Paul Jasa Sent: 25 February 2004 19:21 To: [EMAIL PROTECTED] Subject: RE: [WhatsUp Forum] Web access through a firewall My personal opinion being security-minded:   First of all, I would use the option to run the web server on a VERY different port, like port 55355 or something like that.  Test it from the inside to make sure that works, that would be:   http://marks.whatsup.box:55355   Then, open your firewall to allow ONLY to the NAT (external) IP address ONLY on that port 55355.  You can test by opening your DOS window and doing a:   telnet marks.whatsup.box  55355   you should bet a blank response.   If you were really secure, you'd limit on the firewall what source IP people can come from, but that's just me.  pj ====================================== Paul Jasa  DATA PLUMBER ====================================== -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Mark Hunsaker Sent: Wednesday, February 25, 2004 01:26 PM To: '[EMAIL PROTECTED]' Subject: [WhatsUp Forum] Web access through a firewall Hello All,   I have set up my WUG 8.0 server and everything is running fine.  Monitoring, notifications etc... are all good and working properly.  Next step is to allow monitoring and access via the web from outside our network.  I have everything running what appears to be fine on the web side from inside the network.  I translated the address from and inside to outside address in the firewall and opened port 80 but I still can not access it from outside the network.  I have verified that the DNS entry from my ISP is valid and can ping the address and receive a response.  So - What have I overlooked, I just need a fresh pair of eyes so to speak.  Probably something so simple I will feel really dumb when everyone points it out to me.   Thanks for you assistance. Mark A. Hunsaker Systems Administrator Town of Flower Mound 972.874.6053 voice 972.874.6452 fax [EMAIL PROTECTED]   ________________________________________________________________________ This Inbound email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com ________________________________________________________________________ The information contained in this e-mail and any attached documents may be privileged, confidential and protected from disclosure. If you are not the intended recipient you may not read, copy, distribute or use this information. If you have received this communication in error, please notify the sender immediately by replying to this message and then delete it from your system. ________________________________________________________________________ This email has been scanned for all viruses by the MessageLabs Email Security System. For more information on a proactive email security service working around the clock, around the globe, visit http://www.messagelabs.com _______________________________________________________________________ This e-mail message and any attachments may be confidential and may also be a privileged communication. It is intended solely for the person(s)to whom it is addressed. If you are not the intended addressee of the message you must take no action based on it. Please reply to this message to let us know you received it in error and also delete the message from your system. This disclaimer confirms that MessageLabs have swept e-mail and attachments for viruses on behalf of Moffat Communications Ltd. However it does not guarantee that either are virus-free and accepts no liability for any damage sustained as a result of viruses. #### MOFFAT COMMUNICATIONS LTD Registered in UK [EMAIL PROTECTED] #### _