Re: SharePoint 3.0 - making it accessible to user 'from the outside'
- From: "Cary W. Shultz" <cshultz@xxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 27 Jun 2008 17:10:17 -0400
Guys,
Good point. We do use OWA. Naturally, we use Port 443 for that. The
Firewall might get a bit confussed if it needed to forward traffic on Port
443 to two different internal IP Addresses!
Good call - better to use a different port.
Thanks,
Cary
"callahan" <cacallahan@xxxxxxxxxxxxxxxxxxx> wrote in message
news:ehgZhdJ2IHA.1772@xxxxxxxxxxxxxxxxxxxxxxx
Ah, but they didn't say they were doing OWA... still better safe than
sorry I guess.
-callahan
"AllenM" <noreply@xxxxxxxxxxx> wrote in message
news:ue%23pqGJ2IHA.4672@xxxxxxxxxxxxxxxxxxxxxxx
PErhaps let me rephrase that statement. Best "not" to use port 443 as
this is the default SSL port used for OWA.
"callahan" <cacallahan@xxxxxxxxxxxxxxxxxxx> wrote in message
news:%23XGnA0I2IHA.552@xxxxxxxxxxxxxxxxxxxxxxx
I'm confused AllenM as to why you feel they can't use 443?
If the organization is not using SSL on that server for any other web
site,
then all they would need is to get an SSL certification for the exact
URL
for the site, install it using 443, and, wham bam, they've got SSL
between
the client and the web site for all those pesky, private things you need
to
upload and download...
Cary, making a SharePoint web site accessible to the outside is very
doable.
Remember, the web front end part of sharepoint is just IIS. If you can
make
an IIS web site available to the public, then you can do it with
sharepoint
as well.
In order for people outside the office to access your site, you need an
externally accessible DNS address pointing to the external IP address of
the
router to access the SharePoint server, and have the router pass the
correct
traffic to the sharepoint server (make sure that internal DNS passes
traffic
for the external address to that internal server).
Now if you are going to have employees accessing and contributing to the
sharepoint site, it is a good idea to protect the site's traffic with
SSL--
it's not a requirement, but it's a good idea. I personally would want
to
make sure it works without SSL, *then* enable SSL. In that case you
would
want to consider what port SSL would use for that site (and make sure
that
port is open on the router for that traffic), what the URL would be for
the
certificate, buying (or creating), then installing the certificate (and
if
it's on a server farm, install the cert for each server). Also make
sure
that Alternate Access Mapping has a https:// address for the web
application
as well.
Something people don't think about is licensing. If you are going to
have
people contributing to SharePoint from outside your office that you
don't
have client licenses for, you will need to buy licenses for them, or get
a
per server External Connector license, which allows unlimited external
contributing users.
So, to summarize:
1) SharePoint easily supports external use. After all, it's IIS under
the
hood.
2) Using SSL is a good idea of private data is flowing back and forth
across
the internet, but it isn't required as part of allowing external access.
3) Make sure that SharePoint knows that the new, external URL points to
an
existing site by adding it in AAM, and make sure, if you use SSL, that
the
https://address for that external URL is pointing to the existing site.
4) Licensing can become an issue if you are allowing people you don't
have
client access licenses to contribute to sharepoint, you will need to get
an
external connector (not cheap). External people can passively see pages
anonymously, you just can't let them "use" or contribute anything to
sharepoint.
Hope that helps,
-callahan
(I've got step by step instructions for setting up a web site with SSL
on a
server farm with screenshots in chapter 15 in "Mastering Windows
SharePoint
Services 3.0," for more info but right now I'm on a deadline... <g>)
"AllenM" <noreply@xxxxxxxxxxx> wrote in message
news:u%23ac0OH2IHA.5944@xxxxxxxxxxxxxxxxxxxxxxx
Making sharepoint accessible externally is not all that difficult.
Involes
a bit of knowledge with IIS and SSL tunneling. All that is really
necessary is to configure an SSL port (you can't use 443 or 444). You
may
need to setup NAT in the WSS 3.0 Central Administration. You also have
to
address using a public signed SSL key.
"Cary W. Shultz" <cshultz@xxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:uf6fvSG2IHA.5048@xxxxxxxxxxxxxxxxxxxxxxx
Good morning!
Simple question actually: making sharepoint 3.0 accessible to the user
base when the user base is not connected to the network (say, they are
at
home or on vacation or whatnot). How?
I ask becuase my colleague tells me that this is very tricky. To me,
it
seems like we simply have a dedicated, static Public IP Addres
available.
We create an A record called 'sharepoint' (or whatever...), configure
the
SonicWall to forward traffic to this IP Address to the server in
question
(member File Server) and that is it.
My colleague tells me that SharePoint is not really all that
'friendly'
when it comes to accessing it from the outside world. I trust what he
says.
Thanks,
Cary
.
- References:
- SharePoint 3.0 - making it accessible to user 'from the outside'
- From: Cary W. Shultz
- Re: SharePoint 3.0 - making it accessible to user 'from the outside'
- From: AllenM
- Re: SharePoint 3.0 - making it accessible to user 'from the outside'
- From: callahan
- Re: SharePoint 3.0 - making it accessible to user 'from the outside'
- From: AllenM
- Re: SharePoint 3.0 - making it accessible to user 'from the outside'
- From: callahan
- SharePoint 3.0 - making it accessible to user 'from the outside'
- Prev by Date: Re: SharePoint 3.0 - making it accessible to user 'from the outside'
- Next by Date: Re: Moving content DBs from one SharePoint to another
- Previous by thread: Re: SharePoint 3.0 - making it accessible to user 'from the outside'
- Next by thread: Re: Moving content DBs from one SharePoint to another
- Index(es):
Relevant Pages
|
