Hardware/Software:

Server: FMS 9.0.1 on G4 Xserve OS X 10.4.11 - IP 192.168.100.3

My system: FMPA 9.0.3 on MacBook Pro OS X 10.5.6

Plus: FMP 9.0.x on various computers in two offices, both Mac and PC.

Our company setup is basically two offices linked via a VPN, one with Macs only, the other with a mix of both Macs and PCs. My office contains the G4 Xserve which serves our FM DB and all the clients (in both offices) connect locally via it's static IP address of 192.168.100.3. This setup has been working without fault for years.

The problem is that some staff members now need to be able to remotely connect from outside of the VPN. Our ISP has opened port 5003 on our router which now forwards to 192.168.100.3 for both TCP and UDP. The router is a Cisco 878 with the WAN IP address 212.9.27.xxx.

However, when you go outside of the VPN (for instance at home) to Open Remote > Favorite Hosts and add 212.9.27.xxx nothing appears. I have tried including the entire network path without success.

Port 5003 checks out fine on both the Xserve and the router and was wondering if we need to forward port 5353 as well? Could it be that we need to forward port 5003 on the router to a NAT address on the server as I've seen suggested on various tech sites? Should I be using SSH?

I'm not sure whether it makes any difference or not, but the Xserve is also our FTP server which has ports 21 and 3000 to 3008 forwarding to 192.168.100.3 from the router without an issues. I'm guessing if the FTP is OK then there isn't a firewall problem.

Any suggestions welcome, but be gentle, my limited networking knowledge is already used up. In fact, I'm hoping I've missed something obvious and simple, if you know what I mean!

Thanks.

You will also need port 5353 for 'host discovery'. Check out this excellent page for the full picture:

Six Fried Rice

Hope this helps

I'm presuming your using the routers to maintain the VPN, so the individual users do not need to establish the VPN themselves? In which case the public IP address is dedicated to forwarding VPN traffic.

Can you use another public IP address to map to the FMS?

Will get onto my ISP to open port 5353 and report back when it's sorted. Thanks.

As far as I know there's only one public IP address and you're right, the router does maintain the VPN as the clients in our other office login to our database through Open Remote > Local Hosts even though they're on a different island!

We run an FTP service from the same server and that comes through the same public IP address and the router has always been fine with that so I'm presuming the Filemaker traffic can do the same.