Webclient setup on DMZ (outside domain). Possible???

thoratl Member Posts: 9
edited 2015-01-22 in NAV Three Tier
Hi

I have a problem. I'm setting up a NAV 2013R2 environment for a customer. SQL, NAV Server and Webclient are all on separate servers. SQL and NAV Server are inside the company domain. But the webclient is going to be located on a special DMZ machine, located outside the company domain.

Is it possible to have the webclient outside the domain and connect to the NAV server inside the company domain? If so, can you give me info on how I set it up?

Thor

Comments

  • vremeni4 Member Posts: 323
    Hi,

    This is doable but it requires a bit of work.
    These are the steps in a nutshell:
    1. On the DMZ machine you will need to install NAV Server Service.
    2. You will need to open a port on the SQL server (default is 1433) so that NAV Server Service in DMZ can access this port in the internal network. (This is usually set up on the firewall.)
    Or you can do this via VPN channel if you want to provide better security.
    3. After that you use NAVusers authentication (instead of Windows authentication) and certificates so that users from outside can log in to NAV.

    Please see this link for more details.

    http://msdn.microsoft.com/en-us/library ... 70%29.aspx

    I hope this helps.
    Thanks.
  • thoratl Member Posts: 9
    Thanks a lot for the reply.
    So I will have two NAV server services running. One inside the domain with Windows authentication (NAV Client) and one service on the DMZ server that uses NAVUsers Authentication. Am I understanding this right?

    Is this the only way to do this? Is it not possible to have two services running on the NAV server inside the domain, one with Windows authentication (NAV Client) and one with NavUser Authentication for the web client? Then create a certificate between the NAV server (on the domain server) and the webclient (on the DMZ server).
  • vremeni4 Member Posts: 323
    Hi,
    > So I will have two NAV server services running. One inside the domain with Windows authentication (NAV Client) and one service on the DMZ server that uses NAVUsers Authentication. Am I understanding this right?
    Yes, this is correct. It is good practice to have one NAV service for RTC users and one for WEB Client users.
    > Is this the only way to do this?
    No, it is not; there are plenty of options to achieve this.
    > Is it not possible to have two services running on the NAV server inside the domain, one with Windows authentication (NAV Client) and one with NavUser Authentication for the web client? Then create a certificate between the NAV server (on the domain server) and the webclient (on the DMZ server).
    This is possible too. Again you will have to open a SOAP port e.g. 7047 on your DMZ firewall so that the Web client can connect to the NAV Server Service. (In the web.config file you will probably need to use the IP instead of the DNS name for the NAV Server.)

    Users can use NavUserPassword (certificate) to authenticate and login.

    I hope this helps.
    Thanks.
  • thoratl Member Posts: 9
    Ok. I understand.

    Thanks again for giving your time to help me.
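
Both layouts discussed in this thread depend on a single firewall opening from the DMZ into the internal network (1433 to SQL, or 7047 to the NAV Server). The following is an added example, not part of the original thread: a small audit that flags DMZ-to-internal rules wider than one host and one port. The IP addresses, rule names and rule format are constructed assumptions.

```python
import ipaddress

# Constructed sample addresses (assumptions, not taken from the thread).
DMZ_HOST = "192.0.2.10"   # DMZ machine hosting the web client
SQL_HOST = "10.0.0.20"    # internal SQL Server
NAV_HOST = "10.0.0.30"    # internal NAV Server

# The two DMZ -> internal flows mentioned in the thread.
ALLOWED_FLOWS = {
    (DMZ_HOST, SQL_HOST, 1433),  # NAV Server Service in DMZ -> SQL Server
    (DMZ_HOST, NAV_HOST, 7047),  # web client in DMZ -> NAV Server Service
}

# Constructed firewall export: (name, source, destination, port spec).
SAMPLE_RULES = [
    ("dmz-sql", "192.0.2.10/32", "10.0.0.20/32", "1433"),
    ("dmz-nav", "192.0.2.10/32", "10.0.0.30/32", "7047"),
    ("dmz-any", "192.0.2.0/24", "10.0.0.0/24", "1-65535"),
    ("dmz-rdp", "192.0.2.10/32", "10.0.0.30/32", "3389"),
]

def parse_ports(spec):
    """Return (low, high) for a port spec such as '1433' or '1-65535'."""
    lo, _, hi = spec.partition("-")
    return int(lo), int(hi or lo)

def audit_rule(rule):
    """Return a list of findings for one rule; an empty list means it is tight."""
    _, src, dst, ports = rule
    src_net = ipaddress.ip_network(src)
    dst_net = ipaddress.ip_network(dst)
    lo, hi = parse_ports(ports)
    findings = []
    if src_net.num_addresses > 1:
        findings.append("source is wider than one host")
    if dst_net.num_addresses > 1:
        findings.append("destination is wider than one host")
    if hi > lo:
        findings.append("port range instead of a single port")
    if not findings:
        flow = (str(src_net.network_address), str(dst_net.network_address), lo)
        if flow not in ALLOWED_FLOWS:
            findings.append("flow is not one of the expected DMZ flows")
    return findings

def audit(rules):
    """Map rule name -> findings, for rules that have at least one finding."""
    return {r[0]: f for r in rules if (f := audit_rule(r))}

if __name__ == "__main__":
    for name, findings in audit(SAMPLE_RULES).items():
        print(name, "->", "; ".join(findings))
```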