The following is a Question I posted on the PIX Forum but I dont seem to have an answer on the Exchange server part
"I have a PIX 515R which I use at home at present (on loan from work for last 1.5 years) I need a double layer Firewall (British MOD Request) so that I can use the Army mail encryption software on my clients so that we can receive restricted mail.
The first problem is I have a OWA server that is Exchange 2000 and Winblows 2000 and is obviously a AD server so therefore needs quite a few ports open from the DMZ to the 3 Internal AD servers and I need the internal clients to access there mail both internally using Outlook and externally using OWA.
The question is where would the best place to use the PIX be:
>>>>internet ---> PIX515R ----> OWA server ----> (some firewall that someone can recommend)----> Internal network.
or
>>>>internet ---> some firewall that someone can recommend ----> OWA server ----> PIX515R ----> Internal network.
and what Firewall would you recommend as I have to have two different firewalls in this configuration I am open to Linux suggestions.
Next question would it be more secure to use a pure web server in the DMZ (in place of exchange server) and use the exchange filter (.dll for OWA comunications)
next question I have two internet connections a static IP cable modem and a Leased line that has static IP's is there a way to allow the pix to do load balancing (the PIX has three interfaces)"
The question is do I need to install Exchange on my OWA server in the DMZ is there a way to "load/install" the Exchange Dll's onto the DMZ Web server so that my AD/Exchange server is not at all available on the internet.
TIA
Sean Chambers
