Skip to main content

Network Connection Setup

This guide assumes that you have already installed the product on your virtual machine. Before you can access the web service, you need to establish proper network connectivity by following the instructions below.

Determine the Service URL

Select the URL or Fully Qualified Domain Name (FQDN) through which your web service is accessible to users, for example:

  • https://webservice.yourcompany.com
  • https://app.internal.yourcompany.local
  • https://service-name.department.company.com

Note: Choose a meaningful and memorable name that aligns with your organization's naming conventions and clearly identifies the service purpose.

Identify Your Network Architecture

Work with your IT department to determine which of the following scenarios applies to your deployment:

Scenario A: Internal Network Access Only

In this configuration, the VM's IP address is only reachable within the corporate network. This setup is suitable when:

  • The service is intended for internal users only.
  • Access from outside the corporate network isn't required.
  • Users must be connected to the corporate network (either on-site or through VPN)

Scenario B: Direct Internet Access Through Corporate Firewall

Here, the virtual machine (VM) is accessible from the internet through the corporate firewall. This configuration:

  • Allows external users to access the service directly.
  • Requires firewall rules to be configured for the VM's IP address.
  • Typically involves NAT (Network Address Translation) at the firewall level.

Scenario C: Access Through Firewall and Reverse Proxy

This is the most complex but also most secure configuration, where:

  • A reverse proxy sits between the internet and your web service.
  • The firewall protects the reverse proxy.
  • The reverse proxy forwards requests to your web service.
  • This setup provides additional security layers and centralized Secure Socket Layer (SSL) management.

Network Accessibility Configuration

Once you've identified your scenario, request the following from your IT department:

  • Network Configuration. Based on your scenario, your IT team needs to:

    • Configure Domain Name System (DNS) to map the FQDN to the appropriate IP address (VM, firewall, or reverse proxy)
    • Set up firewall rules for the required ports based on your product:

      Write and Fiplana:

      • Port 4000 (required for web service access)
      • Port 4001 (required if the management interface needs to be accessible)

      Vizlib:

      • Port 1982 (default) or the custom port configured during setup
      • For Scenario C: Configure the reverse proxy to forward requests to your web service on the appropriate ports
  • Windows Firewall Configuration. In addition to network-level firewall rules, ensure that the Windows Firewall on the VM itself allows incoming connections on the required ports. This typically needs to be configured during or after product installation.
  • SSL Certificate: Request a PFX certificate for your chosen FQDN from your IT department. Note that:

    • For Scenarios A and B: The certificate will be installed directly on the web service
    • For Scenario C: The certificate might be installed on the reverse proxy instead, depending on your organization's security architecture
    • The PFX certificate file should include both the certificate and its private key, and will typically be password-protected for security
Important:
  • Verify the correct port for your specific product installation.
  • For Vizlib, if a custom port was configured during setup, ensure you communicate this to your IT department.
  • Ensure both the network firewall and Windows Firewall on the VM are configured to allow the required ports.
  • The chosen network scenario affects who can access your service and from where.
  • Each scenario has different security implications and configuration requirements.
  • For Scenario C, additional coordination with the team managing the reverse proxy may be required.
  • Document which scenario is implemented, including which ports are opened, as this information is essential for troubleshooting and future maintenance.

Once your IT department confirms that the network configuration is complete and provides the necessary certificates and configuration details, you can proceed with configuring the web service according to your specific network scenario.

Figure 1:  Scenario A

Figure 2:  Scenario B

Figure 3:  Scenario C

Was this article helpful?

We're sorry to hear that.