Jump to content
Claris Engage 2025 - March 25-26 Austin Texas ×

Filemaker Server 11 vpn vs SSL on two locations

cat traveller

By cat traveller
in FileMaker Server 11

 Share

This topic is 4919 days old. Please don't post here. Open a new topic instead.

Recommended Posts

cat traveller Enthusiast

cat traveller

Posted
Posted

Hello everyone,

at the moment I cannot find out how to make my scenario happen, please help:

We have a WIN 2003 Server with Filemaker Server 11 running 6 databases, that server has its own static public IP, we have a 4Mbit SDSL line (up and downstream is the same)

Clients connect to that server and use our databases from their Macbooks, all Snow Leopards with Filemaker 11 installed.

Two road warriors connect via PPTP VPN from time to time and the access the server as well, but it is SLOW to say the least.

Good to look up some info but not really to work.

I think I know that the VPN is the bottleneck. Eg at home I have a cable linkup that is much faster up and down as the 4Mbit, still it is DUH.

Now we have a second, small office and I would like the people there to work on our database as well, remotely.

What would be the best practise (and fastest connection) for the clients to connect to our server?

I read some stuff about SSL encryption but I am afraid of a security hole.

In my best case I would have a fast connection of the clients, using only their filemaker clients to connect to our database, with strong passwords,

and (this is possible because it is just 2 people) mac addresses, maybe?

Please advise and thank you first of all.

ole

Steven H. Blackwell Grand Master

Steven H. Blackwell

Posted
Posted

Hello everyone,

at the moment I cannot find out how to make my scenario happen, please help:

We have a WIN 2003 Server with Filemaker Server 11 running 6 databases, that server has its own static public IP, we have a 4Mbit SDSL line (up and downstream is the same)

Clients connect to that server and use our databases from their Macbooks, all Snow Leopards with Filemaker 11 installed.

Two road warriors connect via PPTP VPN from time to time and the access the server as well, but it is SLOW to say the least.

Good to look up some info but not really to work.

I think I know that the VPN is the bottleneck. Eg at home I have a cable linkup that is much faster up and down as the 4Mbit, still it is DUH.

Now we have a second, small office and I would like the people there to work on our database as well, remotely.

What would be the best practise (and fastest connection) for the clients to connect to our server?

I read some stuff about SSL encryption but I am afraid of a security hole.

In my best case I would have a fast connection of the clients, using only their filemaker clients to connect to our database, with strong passwords,

and (this is possible because it is just 2 people) mac addresses, maybe?

Please advise and thank you first of all.

ole

You do not need the VPN for encryption purposes for FileMaker data. And as you've discovered, it can be a huge performance bottleneck. Enable the encryption option in the Admin Console for FileMaker Server. That provides encryption of data in transit for all users, both inside the LAN and outside as well.

Steven

cat traveller Enthusiast

cat traveller

Posted
  • Author
Posted

You do not need the VPN for encryption purposes for FileMaker data. And as you've discovered, it can be a huge performance bottleneck. Enable the encryption option in the Admin Console for FileMaker Server. That provides encryption of data in transit for all users, both inside the LAN and outside as well.

Steven

Thank you, Steven.

In that case, I would open port 5003 for TCP incoming and outgoing on the firewall of my Win 2003 Server running Filemaker Server? Would that not

open doors for hackers trying to get into my Windows Server (since the port is open?) ?

I guess I would have to set access rights on the firewall rule for 5003 only for certain MAC adresses, correct?

I am a little confused here.

Thanks again.

ole

Steven H. Blackwell Grand Master

Steven H. Blackwell

Posted
Posted

Thank you, Steven.

In that case, I would open port 5003 for TCP incoming and outgoing on the firewall of my Win 2003 Server running Filemaker Server? Would that not

open doors for hackers trying to get into my Windows Server (since the port is open?) ?

I guess I would have to set access rights on the firewall rule for 5003 only for certain MAC adresses, correct?

I am a little confused here.

Thanks again.

ole

Open Port 5003 on the network firewall and forward packets to the NAT address of the FIleMaker Server machine. Any open port is a potential attack vector; you must balance risks of attacks against needed services.

Steven

  • Like 1
cat traveller Enthusiast

cat traveller

Posted
  • Author
Posted

Open Port 5003 on the network firewall and forward packets to the NAT address of the FIleMaker Server machine. Any open port is a potential attack vector; you must balance risks of attacks against needed services.

Steven

Thank you Steven, this helped!

This topic is 4919 days old. Please don't post here. Open a new topic instead.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept