Depending on how the company handles DNS you may need to add an external DNS entry to point to the server or possibly just enable external advertisement of an existing DNS record. Depending on your network architecture you may need to add a NAT and/or PAT translation on the firewall in addition to opening the ports. If you are using an RFC-1918 private address for the server then a NAT translation will be required but if not then you should just need to allow the ports. Your network security team may be taking care of all this for you in the background but I thought it was worth mentioning. Hopefully for security reasons your public mid-tier server doesn't have a public IP address (at least that's my opinion).
Personally I prefer using a private IP on the mid-tier server and putting it into a DMZ, then allowing the required back-end ports through the firewall to the application server which would live in the secure zone behind the firewall. You could even run a separate mid-tier server in the secure zone for internal users so that they don't have to bounce into the DMZ; going that route you would probably want to use the same DNS name but associate it to a different IP for internal versus external DNS. -Rick ___________________________ Rick Westbrock QMX Support Services From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Sandeep Pandey Sent: Wednesday, May 15, 2013 8:06 AM To: arslist@ARSLIST.ORG Subject: Re: Midtier over Internet ** Thanks Jason. I have opened port already 8080. Do we mention ssl encryption during installation or we can do later after doing configuration setting change in midtier? How to check? Is that https rather than http? Sandeep Pandey Remedy Developer On Wed, May 15, 2013 at 8:21 PM, Jason Miller <jason.mil...@gmail.com> wrote: ** You only need to open the port for the web server to the World (usually 80 or 8080 or 8443 or 443). I strongly recommend using SSL encryption if you are not already (I recommend it for internal only access as well). Jason On May 15, 2013 7:43 AM, "Sandeep Pandey" <sandeep.rem...@gmail.com> wrote: ** Dear List, I have installed Midtier and ARS in single box and remedy web page correctly functioning in Intranet network having firewall. Will it work over the Internet outside the Intranet if firewall setting we remove? Or any thoughts? Do we have any other settings related to firewall from the ARS application/mid tier side if we disable/enable firewall? Web Server Information: Apache Tomcat/6.0.20 ARS 7.6.04 SP4 -- Sandeep Pandey Remedy Developer _ARSlist: "Where the Answers Are" and have been for 20 years_ _ARSlist: "Where the Answers Are" and have been for 20 years_ -- _ARSlist: "Where the Answers Are" and have been for 20 years_ _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org "Where the Answers Are, and have been for 20 years"
