jeudi 22 mars 2012 07:23
After a long struggle I finally got (test) CRM up both internally and externally. My joy was short lived, though. In my setup I put both the CRM server and ADFS server directly on a public IP. I have now learned that this is a big no-no and ines, SBS 2008 (which hosts my ADFS) should only be on an private IP address. So I guess I will have to put my host, virtual CRM server and virtual SBS server (with ADFS) behind a router and either configure them with DHCP or set a PRIVATE static IP. Is this how Microsoft was also envisioning it for CRM or do they expect one or both of these servers (CRM & SBS/ADFS) being on public IPs?
For now I assume they should not be on public IPs. Now according to the guide for claims based authentication I need to have [orgname].[domain].com point to my CRM server and auth.[domain].com point to my SBS/ADFS server. How is that done? Do I have to configure the router so that traffic to these IPs are routed to static private IP addresses associated with those two servers? Or can these servers be on dynamic IPs and the DNS settings (as explained in the aforementioned guide) on the SBS server sort everything out?
Toutes les réponses
lundi 16 avril 2012 19:06ModérateurThe servers should not have public IP addresses. They should have private static IP addresses. The external DNS records for the CRM and ADFS servers should reference public IP addresses. Your router/firewall should map incoming requests on each of the public IP addresses to the relevant servers (using the private IP address).
- Marqué comme réponse hfaun lundi 30 avril 2012 22:07
lundi 30 avril 2012 22:07Thank you. That is what I finally ended up doing. All of the subdomains point to the same public and statis IP address through external DNS records. Then on the router I send 443 to the server hosting CRM and 444 to the server hosting ADFS. Both of these servers are on private static IP addresses.