Mailing Lists: Apple Mailing Lists


Good minimal set for firewall? Good server setup?



Hello folks,

On an OS X 10.5 server I am running
IMAPS 993
SMTP 25
HTTP 80
HTTPS 443

and I want to run

OD for the local network
VPN
iChat Server and server-to-server connection
iCal Server
Print services
DHCP (maybe)
Portable home directories

All my services should not communicate unprotected (I do not assume the internal network is safe), but I should have reasonable performance (not too much encryption inside encryption).

So, for instance, I want (have) authenticated OD binding. But my laptops out on the internet should be able to set up a VPN and become part of my LAN.

Now, I do not want to disable my firewall for the inside connections (no: allow all on the intranet IP range) but only allow those connections that are necessary for the clients. Which ports do I activate?

Thanks,

G

PS. One of the reasons for this setup is that my DSL router only has 12 explicit NAT translations for services. So, probably I'll have to redirect all externally initiated traffic to my OS X Server, and that means I lose the additional protection of the DSL router NAT stopping traffic before it gets to my server, effectively putting my server directly on the internet. If I can create a NAT set that stays within 12 translations, this problem does not occur.
Macos-x-server mailing list (email@hidden)

Copyright © 2007 Apple Inc. All rights reserved.