On Friday 06 September 2002 20.37, Jacob Fierberg wrote:
I am trying to open port 443 on the firewall to gain access to Outlook Web access on our exchange server. I have already modified the /etc/rc.config.d/firewallX.rc.config and put in the following FW_SERVICES_EXT_TCP="443" FW_SERVICES_EXT_UDP="443"
FW_SERVICES_INT_TCP="443" FW_SERVICES_INT_UDP="443"
These are for services running on the firewall box itself. If you want to let through packets destined for machines behind the firewall you should look at FW_FORWARD or FW_FORWARD_MASQ depending on whether the exchange server has a real or private (NATted) IP address. I would also recommend putting any servers you allow access to from the Internet on a separate net, apart from your internal net, a so called DMZ. That way, if the machine is cracked (and let's face it, it's an exchange server :) your internal network isn't automatically compromised. regards Anders