- #1
The following is some info about configuring the Preferred Edition app, as I finally managed to make it work perfectly. The setup is an IP500v2 and an App server running one-X Portal on it.
The XMPP setting on the app server needs to be set to onex.company.com
The domain setting on the IP500 needs to be set to ipo.company.com
First thing to handle is DNS. I set two A entries at our domain host to be available externally:
ipo.company.com (ipoffice)
onex.company.com (app server)
both pointing to the same external static IP address of your company.
Best to also set up the internal DNS server as follows:
ipo.company.com (to ipoffice ip) A entry
onex.company.com (to app server ip) A entry
You also have to route some ports. This needs to be done by your firewall if accessing externally; it needs to be done by the internal DNS server for internal connections.
In the firewall you need to set up the following as port forwarding policies; in the local DNS server you need to use SRV (service) records in the DNS section to be able to point specific port numbers and protocols to the internal A entries created earlier:
FIREWALL SETTING
udp/tcp 5060,5061,49152-53246 need to be routed to ipo.company.com; tcp/udp 5222, 8444, 8080, 5269, 8443, 8666, 9443, 8086, 9094, 9095, 5223 to onex.company.com
INTERNAL SERVER SETTING
udp/tcp 5060, 5061 to ipo.company.com
udp/tcp 5222 to onex.company.com
If the person using the application from an external location is using a VPN (my preferred option for security), external port forwarding from the firewall can be disabled, since the VPN will connect the mobile device to the internal network and make use of the internal DNS server.
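Added example, not part of the original post: a small Python audit that compares a firewall's port-forward list against the plan listed under FIREWALL SETTING and, for the VPN case, flags every remaining forward as removable. The `RULES` list is constructed sample data, the function names are hypothetical, and the udp/tcp distinction is not modelled.

```python
def parse_ports(spec):
    """Turn '5060,5061,49152-53246' into inclusive (low, high) ranges."""
    ranges = []
    for part in spec.replace(" ", "").split(","):
        low, _, high = part.partition("-")
        ranges.append((int(low), int(high or low)))
    return ranges

# Port-forwarding plan as given in the post (hosts and ports from the post).
PLAN = {
    "ipo.company.com": parse_ports("5060,5061,49152-53246"),
    "onex.company.com": parse_ports(
        "5222, 8444, 8080, 5269, 8443, 8666, 9443, 8086, 9094, 9095, 5223"),
}

def owner_of(low, high):
    """Host whose planned ports fully contain low..high, else None."""
    for host, ranges in PLAN.items():
        if any(a <= low and high <= b for a, b in ranges):
            return host
    return None

def audit(rules, vpn_only=False):
    """rules: (port_spec, target) pairs. Returns (ports, target, finding) tuples."""
    findings, covered = [], set()
    for spec, target in rules:
        for low, high in parse_ports(spec):
            ports = str(low) if low == high else f"{low}-{high}"
            owner = owner_of(low, high)
            if vpn_only:   # VPN clients resolve names via the internal DNS server
                findings.append((ports, target, "remove: not needed with VPN"))
            elif owner is None:
                findings.append((ports, target, "not in the plan"))
            elif owner != target:
                findings.append((ports, target, f"plan routes this to {owner}"))
            else:
                covered.add((target, low, high))
    if not vpn_only:       # planned entries with no exactly matching forward
        for host, ranges in PLAN.items():
            for low, high in ranges:
                if (host, low, high) not in covered:
                    ports = str(low) if low == high else f"{low}-{high}"
                    findings.append((ports, host, "planned forward is missing"))
    return findings

# Constructed sample export of the firewall's forwards (not from the post).
RULES = [("5060,5061,49152-53246", "ipo.company.com"),
         ("5222", "ipo.company.com"), ("3389", "onex.company.com"),
         ("8444,8080,5269,8443,8666,9443,8086,9094,9095", "onex.company.com")]

if __name__ == "__main__":
    for finding in audit(RULES):
        print(*finding, sep="  ")
```
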