You don't have to fully DMZ it. Just port-forward the web port (80 or
8080->80 or something that makes sense). Note that if you use any port
besides 80, you will likely want to change the signature/footer of outbound
emails to reflect the port you're opening. You can add an additional Listen
directive to the apache config to reflect the new port (requires restart of
apache).
"For example, to make the server accept connections on both port 80 and port
8000, use:
Listen 80 Listen 8000"
You may also need to make specific changes to the config of otrs. Having
otrs listen on both ports makes it really easy for you transition so that
your internal users won't notice a change in how they connect. However, if
you're using an internal name for your otrs server -- usually a LAN will
reference by a single servername, not a FQDN -- you'll want to make sure
that your otrs server is accessible internally by the FQDN and that the otrs
config reflects that FQDN. In my case, I created a CNAME both on my AD DNS
server and the external domain dns server: http://support.mydomain.tld would
resolve to my external IP address for the world and my internal IP address
for my LAN.
On Fri, Dec 10, 2010 at 3:10 AM, Lars Jørgensen
Hi,
If you need to give external customers access to the customer frontend, the first solution that comes to mind is to place a server with the customer frontend in the DMZ and let it talk to the internal database. Is this the best practice and do any configuration guide exist for this?
Lars
--------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs