Re: SharePoint 3.0 - making it accessible to user 'from the outside'
- From: "callahan" <cacallahan@xxxxxxxxxxxxxxxxxxx>
- Date: Fri, 27 Jun 2008 15:35:24 -0400
I'm confused AllenM as to why you feel they can't use 443?
If the organization is not using SSL on that server for any other web site,
then all they would need is to get an SSL certification for the exact URL
for the site, install it using 443, and, wham bam, they've got SSL between
the client and the web site for all those pesky, private things you need to
upload and download...
Cary, making a SharePoint web site accessible to the outside is very doable.
Remember, the web front end part of sharepoint is just IIS. If you can make
an IIS web site available to the public, then you can do it with sharepoint
as well.
In order for people outside the office to access your site, you need an
externally accessible DNS address pointing to the external IP address of the
router to access the SharePoint server, and have the router pass the correct
traffic to the sharepoint server (make sure that internal DNS passes traffic
for the external address to that internal server).
Now if you are going to have employees accessing and contributing to the
sharepoint site, it is a good idea to protect the site's traffic with SSL--
it's not a requirement, but it's a good idea. I personally would want to
make sure it works without SSL, *then* enable SSL. In that case you would
want to consider what port SSL would use for that site (and make sure that
port is open on the router for that traffic), what the URL would be for the
certificate, buying (or creating), then installing the certificate (and if
it's on a server farm, install the cert for each server). Also make sure
that Alternate Access Mapping has a https:// address for the web application
as well.
Something people don't think about is licensing. If you are going to have
people contributing to SharePoint from outside your office that you don't
have client licenses for, you will need to buy licenses for them, or get a
per server External Connector license, which allows unlimited external
contributing users.
So, to summarize:
1) SharePoint easily supports external use. After all, it's IIS under the
hood.
2) Using SSL is a good idea of private data is flowing back and forth across
the internet, but it isn't required as part of allowing external access.
3) Make sure that SharePoint knows that the new, external URL points to an
existing site by adding it in AAM, and make sure, if you use SSL, that the
https://address for that external URL is pointing to the existing site.
4) Licensing can become an issue if you are allowing people you don't have
client access licenses to contribute to sharepoint, you will need to get an
external connector (not cheap). External people can passively see pages
anonymously, you just can't let them "use" or contribute anything to
sharepoint.
Hope that helps,
-callahan
(I've got step by step instructions for setting up a web site with SSL on a
server farm with screenshots in chapter 15 in "Mastering Windows SharePoint
Services 3.0," for more info but right now I'm on a deadline... <g>)
"AllenM" <noreply@xxxxxxxxxxx> wrote in message
news:u%23ac0OH2IHA.5944@xxxxxxxxxxxxxxxxxxxxxxx
Making sharepoint accessible externally is not all that difficult. Involes
a bit of knowledge with IIS and SSL tunneling. All that is really
necessary is to configure an SSL port (you can't use 443 or 444). You may
need to setup NAT in the WSS 3.0 Central Administration. You also have to
address using a public signed SSL key.
"Cary W. Shultz" <cshultz@xxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:uf6fvSG2IHA.5048@xxxxxxxxxxxxxxxxxxxxxxx
Good morning!
Simple question actually: making sharepoint 3.0 accessible to the user
base when the user base is not connected to the network (say, they are at
home or on vacation or whatnot). How?
I ask becuase my colleague tells me that this is very tricky. To me, it
seems like we simply have a dedicated, static Public IP Addres available.
We create an A record called 'sharepoint' (or whatever...), configure the
SonicWall to forward traffic to this IP Address to the server in question
(member File Server) and that is it.
My colleague tells me that SharePoint is not really all that 'friendly'
when it comes to accessing it from the outside world. I trust what he
says.
Thanks,
Cary
.
- Follow-Ups:
- References:
- SharePoint 3.0 - making it accessible to user 'from the outside'
- From: Cary W. Shultz
- Re: SharePoint 3.0 - making it accessible to user 'from the outside'
- From: AllenM
- SharePoint 3.0 - making it accessible to user 'from the outside'
- Prev by Date: Changing SPFarm ID
- Next by Date: Re: SharePoint 3.0 - making it accessible to user 'from the outside'
- Previous by thread: Re: SharePoint 3.0 - making it accessible to user 'from the outside'
- Next by thread: Re: SharePoint 3.0 - making it accessible to user 'from the outside'
- Index(es):
Relevant Pages
|
Loading
