Depending on how the company handles DNS you may need to add an external DNS
entry to point to the server or possibly just enable external advertisement
of an existing DNS record. Depending on your network architecture you may
need to add a NAT and/or PAT translation on the firewall in addition to
opening the ports. If you are using an RFC-1918 private address for the
server then a NAT translation will be required but if not then you should
just need to allow the ports. Your network security team may be taking care
of all this for you in the background but I thought it was worth mentioning.
Hopefully for security reasons your public mid-tier server doesn't have a
public IP address (at least that's my opinion).

 

Personally I prefer using a private IP on the mid-tier server and putting it
into a DMZ, then allowing the required back-end ports through the firewall
to the application server which would live in the secure zone behind the
firewall. You could even run a separate mid-tier server in the secure zone
for internal users so that they don't have to bounce into the DMZ; going
that route you would probably want to use the same DNS name but associate it
to a different IP for internal versus external DNS.

 

 

-Rick

 

___________________________

Rick Westbrock

QMX Support Services

 

From: Action Request System discussion list(ARSList)
[mailto:arslist@ARSLIST.ORG] On Behalf Of Sandeep Pandey
Sent: Wednesday, May 15, 2013 8:06 AM
To: arslist@ARSLIST.ORG
Subject: Re: Midtier over Internet

 

** 

Thanks Jason.

I have opened port already 8080. Do we mention ssl encryption during
installation or we can do later after doing configuration setting change in
midtier?

How to check? Is that https rather than http?

Sandeep Pandey 
Remedy Developer

 

On Wed, May 15, 2013 at 8:21 PM, Jason Miller <jason.mil...@gmail.com>
wrote:

** 

You only need to open the port for the web server to the World (usually 80
or 8080 or 8443 or 443). I strongly  recommend using SSL encryption if you
are not already (I recommend it for internal only access as well).

Jason

On May 15, 2013 7:43 AM, "Sandeep Pandey" <sandeep.rem...@gmail.com> wrote:

** 

Dear List,

 

I have installed Midtier and ARS in single box and remedy web page correctly
functioning in Intranet network having firewall.

Will it work over the Internet outside the Intranet if firewall setting we
remove? Or any thoughts?


Do we have any other settings related to firewall from the ARS
application/mid tier side if we disable/enable firewall?

 

Web Server Information: Apache Tomcat/6.0.20

ARS 7.6.04 SP4


-- 
Sandeep Pandey 
Remedy Developer 

_ARSlist: "Where the Answers Are" and have been for 20 years_ 

_ARSlist: "Where the Answers Are" and have been for 20 years_ 




-- 

_ARSlist: "Where the Answers Are" and have been for 20 years_ 


_______________________________________________________________________________
UNSUBSCRIBE or access ARSlist Archives at www.arslist.org
"Where the Answers Are, and have been for 20 years"

Reply via email to