I am setting up a webserver behind my firewall is there a

Hi Jim,

IIS doesn't care what firewall you have and CheckPoint doesn't care what web
server you are running behind.

Everything else depends on what you want/need from IIS and your firewall. If
you need to give standard access to IIS open port 80 on CheckPoint, if you
need SSL access then open TCP port 443.

Nice thing about CheckPoint is you can protect your IIS by:
- defining what directories users from internet can access (e.g. they can
access www.mysite.com but not www.mysite.com/privatedir/ (and when someone
tries to access it he is redirected to the site you choose)...
- defining the verbs that client can use (e.g. GET, PUT, ...)
- you can block some types of attacks

For details on how to protect your IIS (or any other web server) using
CheckPoint you should refer to your firewall documentation, because this is
not IIS specific thing. Again CheckPoint "doesn't care" what web server you
are running in your LAN...

I hope this helps you out,

Mike

[quoted text, click to view]

On Wed, 7 Jul 2004 12:35:31 -0700, "Jim"
[quoted text, click to view]

You'll want to consult the Checkpoint documentation and support, but
basically you need to allow HTTP traffic on port 80 to your web
server. You may need to allow other ports for other services as well,
such as HTTPS, FTP, DNS, SMTP, POP, etc. but for basic web service
they're not required.

Checkpoint can get granular on what can be accessed, but that's a
discussion for a Checkpoint group, not an IIS one.

Jeff