Internet Access to Database

[Burger]

Hi, I a sure some of the questions I will ask are redundant in this forum so please bear with me.

I have been researching means of remotely accessing the FM database on our intranet via the internet and am a little confused as to my options.

I am not interested in publishing html for viewing through a browser, but would rather specify a host as an IP to connect. Our internal computers use static intranet numbers and connect through our firewall which sits on an internet IP address. We have both the UDP and TCP ports setup to bypass the firewall.

First question, is this going to work?

Second question, when specifying a host in FM for remote connection, how do I tell it to get to the server using the open port and intranet ip?

I tried the following-

internet IP :port #:intranet IP

intranet IP :port #:internet IP

and a few other combinations but with no luck.

TIA

Any and all help is greatly appreciated!

Jason

[ May 17, 2001: Message edited by: LiveOak ]

[Jeff Spall]

Hi,

This may be a completely wrong guess, but what I think you have is the most common Firewall setup:

You have an internal unregistered network with a firewall/router that serves the internal computers with NATS (network address translation) so the outside world sees you as one IP address, but everyone gets secure Internet access- right?

If that's the case, you'll need to get your ISP to allocate a separate, registered, external IP address for your server and then do a one-to-one map on the firewall, an entry that says address(external):address(internal) You can then open up incoming access on the ports you need to just that address.

It is also possible to write a route without an extra IP address if you route ALL incoming packets on certain ports to one internal IP address - mailservers are often done like this - but it's a bit of a klunky workround.

Final thing to do is get your ISP to make DNS records for a domain or subdomain (like "database.mydomain.com") to the new address so that you can use a name rather than an IP address to find the server from the web.

Regards, Jeff

PS, If I got your firewall config wrong, this is nooooo help at all!!

[Burger]

Jeff, you have it right. I suppose all I really need to do is work with my DNS settings here, open a port and have the Raptor system point all calls to the FM server. Sounds easy.. wonder if it is.

Thanks for your help! Is there anything I am missing with this?

I have read a few conflicting threads regarding UPD on 5003 and whether is should be on or off. Any insight?

[Chuck]

This comes from Special Edition Using FileMaker Pro 5 by Rich Coulombre and Jonathan Price, p. 528-9. I happened to have come across it yesterday while I was looking something else up.

quote:

---

"If you are using network address translation (NAT) with FileMaker Server 5, Port 5003 must be enabled for TCP, but filtered (off) for UDP. This is different than was the case in FileMaker Pro Server 3. If you are not using network address translation, Port 5003 should be enabled for both TCP and UDP. Failure to do this will prevent users from seeing a list of hosted files if they connect from outside the firewall."

---

Chuck