BES Router in DMZ configuration
 

I currently have a BES V4.1.6 installed on my internal network with all the components sitting on one server. After reading further into the RIM documentation i realized that placing the router in a DMZ was far more secure.

i intend to install the router between two firewalls.

Currently port 3101 is opened for SRP outbound and BB service connection Inbound, what changes of ports are required to allow the BB router to communicate with the BES. Take into account i want to change the port number between the router and BES.

Thanks .....Bryan

Moved to BES Admin Corner, better chance of replies there...

Thanks Jadey.

What is that BB service connection that you speak of????

All you need for BES is 3101 outbound. BES initiates contact, only and always.
Never did figure out how the router in the DMZ made it more secure.

Actually, I never did figure how the whole DMZ was more secure unless the server in the DMZ ahs no NIC pointing towards the inside firewall. I figured that if the hacker was good enough to breach the first firewall, he'll propably be good enough to breach the second one...

It's not penetrating the firewall it's hacking the BlackBerry Router component.

The idea is if the BlackBerry Router was on the LAN and someone hacks it they would have access to the resources on the LAN.

If the BlackBerry Router was in a DMZ and someone hacks it they have access to nothing.