To anyone who can help:
hi,
I am currently installing a new NT box running MS Proxy Server 2.0 and Exchange 5.5 (as per the SMALL BUSINESS SERVER 4.5 package). I am in the process of configuring the various Proxy servers but i am confused as regards the LAT. My confusion comes from various articles/books which would appear to contradict each other. Some sources say that external NIC’s should have the fixed IP address (as given by my ISP) entered into the LAT while other sources say this must not be done as this would constitute a security breach by opening a traceable route to the internal network. I am including the relevant excerpts from some of the sources below….could someone please enlighten me as to the correct procedure (i.e. Best Practice) and explain why? thanks for any + all help.
Pete.
any and all responses can also be sent to pp@citac.net
excerpt below taken from the book “IIS 4 and Proxy Server 2 24seven”
“Note that the dialog box shows any existing RAS connection of your NT server as a valid network interface, even though it will be grayed out near the bottom of the dialog box. If you have a static IP for your network connection to an ISP, that IP address should be part of the LAT.”
and
“[TheLAT] should include the IP address of any NIC installed in the NT Server, even NICs that are connected directly to the Internet. Contacting all addresses entered here will be handled by the internal WinSockets of each workstation and will not be forwarded to the Web Proxy or WinSock Proxy Servers for outside remoting.”
Article published on the Techrepublic site Jan 4, 2001 by Troy Thompson:
“Ensure that external addresses are not entered in internal IP ranges. This would identify them as internal addresses, which is a security breach and could allow intruders to access your internal network.”
