Hi Folks, We have a db mirroring client/server app that we'd like to run across to the DMZ side of our firewall. If I'm understanding all this correctly, we've got the outside world coming in through a firewall (firewall 1, I believe) then via a frame-relay cloud to a local box. That box is connected via a Cisco router which is allowing only http, netbios and passive ftp between it and the 'inside'. The firewall is, again, I believe, allowing only http into the frame relay cloud (all this is setup on a nat'l managed level, so details are few and hard to get) to our local box, which is to provide access to a local box w/ a copy of the database on it. The setup now uses a nightly transfer, via passive ftp, of the dbs, but we do have have an app that allows mirroring. So, my question is; what's the risk, concerns etc of telling that app to use port 80 and running it across the Cisco? What would be the possibilities of opening a different port and using ACLs to limit that port to the 2 machines we know to be involved? Is there a better way? Thanks for any hints and sorry if I'm mangling any of the terminolog etc. a Andy Bach, Sys. Mangler CC:Mail andy bach at ~7ca-chicago Internet: andyat_private VOICE: (608) 264-5178 ex 5738, FAX 264-5105 If one studies too zealously, one easily loses his pants. -- A. Einstein.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:07:25 PDT