DMZ SSL Tunnel configuration questions

Discussion created by Mski35 on Jun 29, 2013
Latest reply on Jul 2, 2013 by RobPol

We are currently running Nimsoft 5.11 and have roughly 29 client hub clients deployed across our client base, and we have a VPN connection to each client which is used to communicate back to our hub server. Our hub server is currently configured to establish communication over port 48003.


We have a new client we are in the process of onboarding; however, they do not want to build a VPN connection between us and them. I'm interested in deploying the new hub to the client over the internet and would think the DMZ option should be used to secure communication between us and this client. I have a few questions I hope to get answered:


  1. What is required to successfully configure this scenario considering there is a firewall on the client side and on the server (our) side?
  2. Is there a way I can configure a secondary communication port on the hub server (443)? I don't see how this could be done but figured I'd ask anyway.
  3. Do I need to create a firewall NAT translation rule on the server side to translate our public IP to the LAN IP of our server hub?
  4. What are the implications of opening port 48003 on our firewall to the hub server? I'd rather not create an allow rule for each new client we add in this manner, but it may be the safest way to go.

Any advice is much appreciated.