Salesforce

Deploying Web Client Application on DMZ Machine (Magic xpa 4.x)

Printable View
« Go Back

Information

 
Created BySalesforce Service User
Approval Process StatusPublished
Objective
Description

Deploying Web Client Application on DMZ Machine

You can deploy a Web Client application on a machine located in your organization’s LAN and expose it on a Demilitarized Zone (DMZ) Server located outside the LAN. External users can access the Web Client application via DMZ Server.

The following diagram illustrates the scenario:

Prerequisites

You require the following two machines:

Machine A behind the Firewall

(with IP address say, <10.9.9.4>)

  1. Magic xpa 4.x Enterprise Server installed.

  2. Magic xpa Web Client application deployed (ecf).

Machine B in Front of the Firewall (the DMZ Machine)

(with IP Address say, <192.168.25.10>)

  1. Magic xpa 4.x Requester Component installed.

Installing Requester

You can install Requesters using Product Components during Magic xpa installation, or by selecting the option Internet Requester while installing Product Components exclusively.

Select Web Client and Internet Requester options as shown below.

Specify alias name for Web_Client_Cache folder.

2. Share the Web_Client_Cache folder with all the rights of Authenticated user.

3. In the Scripts\mgreq.ini file (located in the Requester Installation folder), set the MessagingServer as <IP of

Magic xpa Server/Port>. For example:

MessagingServer = <IP of Machine A>/5115

4. Refer to the steps in Magic xpa Help about Deploying Web Client Applications.

5. In the C:\Inetpub\wwwroot\NewApp\assets\server-config.json file, set the Server property to IP of the DMZ

machine, where the Requester installed. For example:

"server": "192.168.25.10"

6. After entering the setting in mgreq.ini, reset IIS.

Communication between Magic xpa Server and Web Server

The following ports are required to be opened on the firewall in order to start the communication between two networks:

Firewall Settings between DMZ and LAN

  1. HTTP – TCP 80

  2. 5115 (port for the Middleware)

  3. 1500-2000 (the range of ports based on the settings in magic.ini for the Application Server).

  4. SMB port TCP 445 – It needs to be open to access the Shared folder.

The Web server and Magic xpa Server must communicate using hostnames.

Add the Hostname – IP binding in hosts file located at C:\Windows\System32\drivers\etc folder.

Perform the following steps on Machine A:

  1. Map the path \\<IP of the Machine B>\Web_Client_Cache to some drive. For example, z:\ drive.

  2. In magic.ini file, set following:

WebClientCachePath = z:\

Testing the Application

Execute the following URL:

http://<IP of DMZ>/NewApp

That’s it!

Find your application running on the DMZ.

Since version: 4.7

Reference
Attachment 
Attachment