• I am limited to a single server in my environment, but have decided to better fortify my network. I currently have everything filtered and am whitelisting traffic through a DMZ proxy inbound to my Toec server.

    Thus far I have only been experimenting with Toec on my local network, and it works beautifully, however, I was wondering what ports are used for the clients to register with the server.

    I'm looking to forward those ports from a DMZ proxy into my server, whilst keeping the management console locked to the local net.

    I can't spin up a new machine due to resource limitations at this point, but have come across the need to manage endpoints off the network.

    Is this possible given my chosen design?

    Thanks!


• Your approach is correct. Only open up port 8888 to allow the endpoints to communicate, keeping the UI and API locked down to just the internal network.


  • On this note:

    During the setup there are a few different interface entries. I am seeking clarification on which are local and which are public, considering the change of network configuration.

    Using https://docs.theopenem.com/getting-started/configure/ as a reference

    Local or Public?
    Com Server:
    Multicast:
    tftp:

    I ask because I am receiving the following error from the client:

    2021-03-14 13:48:02,785 ERROR [4] ApiRequest DOMAIN\User - Error Retrieving API Response: System.Net.WebException: Unable to connect to the remote server ---> System.Net.Sockets.SocketException: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond PROXY_IP_ADDRESS:8888
       at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress)
       at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Exception& exception)
       --- End of inner exception stack trace ---
       at System.Net.HttpWebRequest.GetResponse()
       at RestSharp.Http.GetRawResponse(HttpWebRequest request)
       at RestSharp.Http.GetResponse(HttpWebRequest request)
    2021-03-14 13:48:02,801 ERROR [4] ServiceActiveComServer DOMAIN\User - Could Not Connect To Any Client Com Servers.  Delaying 30 Seconds Before Next Retry.
    

    However, at my DMZ proxy I am seeing in the logs the traffic inbound, masquerading to my server, and a response being sent back out.


• @jikeidan I definitely had an issue with my iptables ruleset - had an adapter "eth-" entered instead of "eth0" - was preventing 😃

    Thanks again!
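
The reply above says to expose only port 8888 to endpoints and keep the UI/API internal, and the last post traces the connection failure to an iptables rule written against a non-existent adapter "eth-". The script below is an added example, not code from the thread or from the Toec project: it validates interface names before they go into a rule (so a typo like "eth-" is caught at generation time rather than surfacing as a client timeout) and prints a minimal DNAT ruleset that forwards only the com-server port from the DMZ-facing interface to the internal Toec server. The interface names, the server address 10.0.0.5 and the UI port 443 passed on the command line are assumptions for illustration; the thread does not state them.

```shell
#!/usr/bin/env sh
# Added example (not from the original thread or the Toec project).
# Generates, but does not apply, an iptables ruleset for a DMZ proxy that
# forwards only the Toec endpoint port (8888 by default) to the internal
# server and leaves the web UI/API reachable from the LAN side only.

# Reject malformed interface names before they reach iptables. Linux names
# are at most 15 characters; we additionally require the last character to
# be alphanumeric, which catches the truncated "eth-" typo from the thread.
validate_iface() {
    name="$1"
    case "$name" in
        '' | *[!A-Za-z0-9_.:-]* | *[-_.:]) return 1 ;;
    esac
    [ "${#name}" -le 15 ]
}

# Usage: toec_forward_rules <dmz_iface> <lan_iface> <server_ip> [com_port] <ui_port>
# Prints the rules to stdout; review them, then run as root on the proxy.
toec_forward_rules() {
    dmz_if="$1"; lan_if="$2"; server="$3"; com_port="${4:-8888}"; ui_port="$5"
    validate_iface "$dmz_if" || { echo "bad DMZ interface name: '$dmz_if'" >&2; return 1; }
    validate_iface "$lan_if" || { echo "bad LAN interface name: '$lan_if'" >&2; return 1; }
    cat <<EOF
# Default-deny forwarding; only the rules below open a path
iptables -P FORWARD DROP
# Endpoint registration port: DNAT from the DMZ interface to the Toec server
iptables -t nat -A PREROUTING -i $dmz_if -p tcp --dport $com_port -j DNAT --to-destination $server:$com_port
iptables -A FORWARD -i $dmz_if -o $lan_if -p tcp -d $server --dport $com_port -m conntrack --ctstate NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $lan_if -o $dmz_if -s $server -p tcp --sport $com_port -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Masquerade towards the server so replies come back through the proxy
iptables -t nat -A POSTROUTING -o $lan_if -d $server -p tcp --dport $com_port -j MASQUERADE
# The UI/API port is never forwarded from the DMZ side (explicit, on top of the DROP policy)
iptables -A FORWARD -i $dmz_if -p tcp --dport $ui_port -j DROP
EOF
}

# Stand-alone run: the hypothetical eth0 (DMZ) / eth1 (LAN) / 10.0.0.5 / 443 values are assumptions.
if [ "${1:-}" = "--demo" ]; then
    toec_forward_rules eth0 eth1 10.0.0.5 8888 443
fi
```

Run `sh script.sh --demo` to see the ruleset; swapping `eth0` for `eth-` makes the generator refuse with an error on stderr instead of emitting a rule that silently matches nothing. The rules are printed rather than applied so they can be diffed against the proxy's current `iptables-save` output before use.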