I’m posting this in all of the Lotus Domino forums at it has little to do with Release version.
I have a server that’s working fine along with a number of users already connected and replicating.
However, one of my users has begun working offsite and their firewall won’t allow any port traffic above TCP or UDP 1024.
So I’m trying to find a way that he can replicate using TCP port 975 (we don’t use this for anything else).
But I can’t figure out how to get our Lotus Domino server to listen on port 1352 (default) AND on Port 975?
Obviously, I have to still be able to listen on port 1352 as I have 100+ existing users already connected and configured.
Any ideas? (I already tried redirecting public TCP 975 to private 1352, but that didn’t work).
Thanks.
Subject: Sounds like you need a VPN
The most obvious answer is to have a VPN. There are VPN solutions that will even tunnel on port 80, if port restrictions are an issue.
The other option would be to enable a second port on your server and configure it to listen on whatever port number you need. It’s a bit tricky and I would advise to tread carefully there. But doable.
Hope this helps.
Alex
Subject: port redirection
you could just ask your firewall guys to port redirect port 975 on the public side to 1352 on the server side.
Not a great idea because that allows the outside world to “see” your Domino installation, but it would work without the need for a VPN.
As stated before you can also do exactly this by creating an SSH server somewhere in the local network, have port 443 on some publically accessible IP point to the SSH server, set to use certificate authentication, and then use putty on your remote users machine to connect and authenticate. Then you would set up putty to forward port 1352 on the users machine 127.0.0.1 to port 1352 on the Domino server, and create a remote profile on his machine that connects to localhost.
Dont forget to ensure that the ssh server doesnt allow too many ports to be forwarded inside your network, by configuring it correctly or using a firewall that only allows 1352 to the Domino servers IP.
Boring, buying a cheap VPN box or using OpenVPN would be easier.
Subject: Similar to a VPN is SSH…
-
It’s OSS and it supports tunneling without all the infrastructure that goes along with a standard VPN. Use puTTY on the client side to set up the tunnel, then have them connect to localhost:portnumber on their end. I believe OpenSSH is a decent server implementation; since all the boxen I SSH to are Linux based, and it has SSH installed by default, I’ve never actually set up an OpenSSH install from scratch.
-
Hope this helps…