Can a web server setup in DMZ access SQL server on LAN?
We're working on setting up a new application that needs a web server (IIS) and a SQL Server.
Local PC's on the LAN will talk to the SQL server normally. Mobile users use web server to access app.
My question is, can the web server in DMZ talk to the SQL server (can DMZ server see a LAN server)? If so, how is the DMZ a "safe" place?
Should both SQL and web server be in DMZ and if so, how does that affect access to LAN clients?