We recently had a requirement where a client wanted to be able to access the web client outside of their network from the web without having to use a VPN client. Microsoft’s installation instructions direct you to implement an additional server outside of your firewall to provide windows authentication. I am going to give you the steps to publish the web client outside of your firewall without the need of an additional server and you don’t need to use a VPN.
- External URL – You first need to decide what your external URL is going to be. This is the URL that the web client will use to respond to requests. For instance, if your domain is ‘acme.com’ an external URL may be ‘webclient.acme.com.’
- Add an A record to your DNS that will point requests from webclient.acme.com to a fixed external IP address. You may have to request a fixed IP address from your ISP provider if you don’t have any available.
- Open up ports on your firewall that will NAT the external IP address to an internal IP address. Every firewall is different so to give you instructions on how you would do this on your firewall would be difficult. You would have to contact your IT provider or internal IT staff to perform this task. When creating the NAT between the external IP address and the internal IP address you need to open the following ports: 80, 443, 48650, and 48651.
- Now test to make sure that the external address is working properly. When entering http://webclient.acme.com you should receive the standard Windows II7 web page. If you get a page not found test that the URL is returning the right IP address. To do that open the command prompt and type: ping webclient.acme.com, the IP address that you assigned in the DNS should return. If it doesn’t you need to check that the DNS server’s A record is configured properly. If you receive a valid IP address then ask your IT provider or IT department that the external IP address is notated to the web server you will be using for the web client.
- Once the URL is tested out properly, you can now install the web client software. From this point forward you will follow the standard install process and when the URL is requested for the web client you will enter the external web address.
You have now setup the web client to be accessed from the web without the use of a VPN client.
For more informational “how-to’s” from KTL and Senior Consultants, contact KTL at 301.360.0001 and continue to follow our blogs. Also, take a look at our How To Videos on our YouTube Page.
TIMOTHY (TIM) LALLY, CPA | President/CEO
Tim is the founder and president of KTL Solutions, Inc. He provides high-level guidance to our clients in order to help them better use technology within their organizations. He has an ability to understand the issue and provide a solution that best fits the client’s needs. When implementing solutions, his focus is to utilize off the shelf solutions first and customizations second.
Tim is a Certified Public Accountant (CPA) and has over 17 years of Microsoft Business Solutions software implementation and development experience. He started implementing Dynamics in 1987 in the early years of Great Plains on the Apple Macintosh. His responsibilities include mentoring new developers, teaching accounting principles and processes to developers, and leading the development and design of custom solutions. Tim oversees KTL’s Microsoft Business Solutions vertical market business.