Proxy / Firewall / Any solution

[fritzdeelman]

I am looking for the most elegant and simplest solution to this problem:

I have a Windows Server 2003 box which acts as a NAT server for my LAN. I would like to set it up in such a way that only TCP packets from certain machines are forwarded to my public interface. Setting up filters on the public interface will not do as it seems like the packets have already been translated. I can not block TCP port 80 traffic on my LAN interface because then my Intranet stops functioning. Any ideas would be appreciated.

 

[NetSpike]

I'm a big fan of Microsoft Internet Security and Acceleration (ISA) Server.

 

[fritzdeelman]

Don't have premium edition

Pity I don't have the Premium edition. Wonder how much this will cost?

 

[SecretCode]

Most elegant and simplest: move your Win2003 server off the internet and use a dedicated firewall instead. Obviously your intranet will then be unaffected.

A product like SmoothWall or ipcop can do NAT, extensive per-ip and per-port blocking, squid web proxy, and so on. And costs nothing, if you have an unused PC available.

 

[fritzdeelman]

Thanks I will be investigating this tip.

Most elegant and simplest: move your Win2003 server off the internet and use a dedicated firewall instead. Obviously your intranet will then be unaffected.

A product like SmoothWall or ipcop can do NAT, extensive per-ip and per-port blocking, squid web proxy, and so on. And costs nothing, if you have an unused PC available.

 

[fritzdeelman]

Might be a better idea to start a new thread. Your query seems to be unrelated to the issue at hand.