J
John F
I want to set up a database on (or mapped from) my webserver that can be read
and written to by an internet user and by users on my internal network. My
issue is the location and sharing of the .mdb file. I'm using ASP and have no
problem with the web side of the project, but I want to make it accessible
(npi) from my internal network. I envisioned a setup like this:
Web ----- Router------DMZ------Web Server
| |
| X
| |
| DB Server
| |
----Internal Network---
Configuration A
The web server is a W2K3 Standard server using IIS 6.0, the Internal Network
is a W2K3 Standard Server Domain, and the db server is an XP client member of
the internal domain, with the db folder set for everyone's use.
The connection between the webserver and the DB server was intended to be a
crossover ethernet cable (the X in config. A) but I could not get the shares
to work.
I changed to a regular dedicated segment with fixed IP's but could
only get the shares to work in the wrong direction. see config B.
Web ----- Router------DMZ------Web Server
| |
| --------
| |
| DB Server
| |
----Internal Network---------
Configuration B
My first question is, is it safe to configure like this:
Web ----- Router------DMZ------Web Server
| |
| |
| |
----Internal Network---
Configuration C
In this configuration, the database would be on the web server, the
webserver would join the internal domain and share the database folder on the
internal network - what safeguards are needed to keep the hackers at bay? How
do I keep the servers from sparring over the internal domain?
I would prefer to use config A so that I don't have servers on the same
network, and somewhere I heard that a separate database server is good idea,
but can an XP Pro machine do that? Do I need to enable IIS on it to get the
share to work on both sides?
I will also post this in the Web Services General group -
TIA
and written to by an internet user and by users on my internal network. My
issue is the location and sharing of the .mdb file. I'm using ASP and have no
problem with the web side of the project, but I want to make it accessible
(npi) from my internal network. I envisioned a setup like this:
Web ----- Router------DMZ------Web Server
| |
| X
| |
| DB Server
| |
----Internal Network---
Configuration A
The web server is a W2K3 Standard server using IIS 6.0, the Internal Network
is a W2K3 Standard Server Domain, and the db server is an XP client member of
the internal domain, with the db folder set for everyone's use.
The connection between the webserver and the DB server was intended to be a
crossover ethernet cable (the X in config. A) but I could not get the shares
to work.
I changed to a regular dedicated segment with fixed IP's but could
only get the shares to work in the wrong direction. see config B.
Web ----- Router------DMZ------Web Server
| |
| --------
| |
| DB Server
| |
----Internal Network---------
Configuration B
My first question is, is it safe to configure like this:
Web ----- Router------DMZ------Web Server
| |
| |
| |
----Internal Network---
Configuration C
In this configuration, the database would be on the web server, the
webserver would join the internal domain and share the database folder on the
internal network - what safeguards are needed to keep the hackers at bay? How
do I keep the servers from sparring over the internal domain?
I would prefer to use config A so that I don't have servers on the same
network, and somewhere I heard that a separate database server is good idea,
but can an XP Pro machine do that? Do I need to enable IIS on it to get the
share to work on both sides?
I will also post this in the Web Services General group -
TIA