[Search for users] [Overall Top Noters] [List of all Conferences] [Download this site]

Conference noted::seal

Title:SEAL
Moderator:GALVIA::SMITH
Created:Mon Mar 21 1994
Last Modified:Fri Jun 06 1997
Last Successful Update:Fri Jun 06 1997
Number of topics:1989
Total number of notes:8209

1828.0. "will 3.0 require local graphics monitor ?" by SEAWLF::COLE (Digital NSIS, Greenbelt, Maryland) Mon Mar 03 1997 09:27

	Will the remote management capability coming with
	AFWU 3.0 enable installation on a system without
	a graphics terminal (like Netscape install/mgmt of
	the proxy/news software) ?

	I would like to upgrade an existing SEAL system which
	doesn't currently have any graphics hardware and manage
	it from a workstation in another part of the buiding.

	BTW, when can we expect beta copies of 3.0 for both
	Digital UNIX and NT ???

	thanks,


	...larry
T.RTitleUserPersonal
Name		DateLines
1828.1MS Exchange through firewallNNTPD::"[email protected]"Chris LingerfeldtFri May 23 1997 02:4968
Below is how I setup a client so their Exchange 
client can get their mail from the Exchange server 
through the firewall.  Note the following note at the
bottom about the ports 3000 and 3001.  Below are
the entries from the /etc/screend.conf.

NOTE:  10.40.254.22 is a test host.  You could replace the IP 
       address with any.
       10.40.253.82 is the exchange server	
       

#  Exchange  
#
from host 10.40.254.22 to host 10.40.253.82 tcp port 135 accept log;
from host 10.40.254.22 to host 10.40.253.82 tcp port 139 accept log;
from host 10.40.254.22 to host 10.40.253.82 tcp port 3001 accept log;
from host 10.40.254.22 to host 10.40.253.82 tcp port 3002 accept log;
#
#  Exchange  
#
from host 10.40.253.82 to host 10.40.254.22 tcp port-not reserved accept log;
from host 10.40.253.82 to host 10.40.254.22 tcp port 135 accept log;
from host 10.40.253.82 to host 10.40.254.22 tcp port 139 accept log;
from host 10.40.253.82 to host 10.40.254.22 tcp port 3001 accept log;
from host 10.40.253.82 to host 10.40.254.22 tcp port 3002 accept log;
#

This following note was taken from TechNet:

Since enabling client access from the Internet 
requires that you enable RPC access to the server 
that holds their mailboxes, it is slightly riskier 
than just allowing SMTP access through a dedicated 
Internet mail server. A mistake in configuration 
that lets an attacker gain access to the server 
could compromise mailbox and public folder contents, 
among other things.
By default, Microsoft Exchange Server dynamically 
assigns TCP/IP port numbers to be used for RPCs to 
the Microsoft Exchange Server directory or information 
store. Clients always connect to port 135, which is 
the Windows NT RPC End-Point Mapper service. This 
service tells the client which dynamic port numbers 
to use to access the Microsoft Exchange Server directory 
and information store.
If you are using a packet filter, you can force Microsoft 
Exchange Server to use a fixed port for RPC by creating 
a REG_DWORD registry value called TCP/IP port. This 
value must be a port number which you also configure 
in your packet filter. For the directory, the value 
should be under the following key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeDS\Parameters\T
P/IP port

For the information store, the value should be under 
the key below:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeIS\ParametersSy
tem\TCP/IP port

You must configure your packet filter to allow TCP 
connections to these ports plus port 135 (for the RPC 
End-Point Mapper service) on the Microsoft Exchange 
Server-based server.


[Posted by WWW Notes gateway]