
Accessing Lotus Domino via an Alternate Port

  • Thread author: EHT

If you've worked with Lotus Notes and Domino for any length of time, you understand the meaning of the magical number 1352. That's the TCP/IP port number reserved for Lotus Notes and Domino communication. This port is reserved strictly for communication between Notes and Domino servers and clients. In many corporate environments, this port is either restricted or completely closed. While there are a lot of things that can be done using web versions of apps (over the commonly open port 80), sometimes only client access will do. And if 1352 is closed, you're often out of luck if you want to access a server you have set up at home or anywhere outside the corporate environment...



...or not. Most people don't know that it is possible for Notes and Domino to communicate over any available TCP/IP port. Domino can monitor multiple ports for TCP/IP traffic, but it takes some configuration changes to make it happen. These requirements are poorly documented, and nobody has ever published a single procedure for setting this up, so I thought I would fill that particular gap.



Note that this is not recommended or supported by IBM. Making these kinds of changes generally requires some admin knowledge, access to the router/firewall that protects your server from the Internet (you do have a firewall, right?), and direct access to the server in question, including its operating system files and Domino Directory. Do so at your own risk, your mileage may vary, do not violate company policies, etc.



In this exercise I'll assume that we're using port 80 and Notes and Domino 8.0.1. The server is publicly accessible via myserver.net and has an internal IP address of 10.12.2.2.



Step 1: Determine a TCP/IP Port to Use

The first thing to do is identify an alternate port that you want to use. This port needs to be open in both your corporate firewall and unused by your target server. If your target server is not a web server, port 80 is a good candidate. If it's not serving SMTP mail, try port 25. If you don't do SSL, try 443. In this example I'll use port 80.



Step 2: Server Needs a Fixed Internal IP Address

The second thing you'll need to do is assign a fixed internal IP address to your server. This is required for this solution to work. For the proper steps, check your OS. You may also have to make changes to your router to route all appropriate traffic to this address. Again, I'm using 10.12.2.2 in this example.



Step 3: Modify the Server's Notes.ini

Third, you'll modify the notes.ini of the server in question. You'll need to make the following changes. MAKE A BACKUP COPY OF YOUR NOTES.INI BEFOREHAND, and if you blow up your Domino server, don't come crying to me, I warned you...



A. Name a new Domino TCP/IP port by adding the port name to your PORTS entry in the notes.ini. In this case we're creating a new port called TCPIP80.



Old entry:

Ports=TCPIP



New entry:

Ports=TCPIP,TCPIP80



B. Create the port definition by adding an entry like the following.



New entry:

TCPIP80=TCP, 0, 15, 0,,32800



The numbers in the line above have some meaning, but they almost never need to be modified. When in question, copy an existing port definition and modify the name.



C. Tell the server to direct the new port to listen on TCP/IP port 80. This makes use of the little-known notes.ini setting <TCPPortname>_TCPIPAddress, which is nominally used to define the IP address and port number for a partitioned server. But as an alternate usage, it can tell your server to listen on an alternate port (even if the server is not partitioned).



Assuming the internal IP address is 10.12.2.2 and you're working with port 80, you'd make an entry that looks like this.



New line:

TCPIP80_TCPIPAddress=0,10.12.2.2:80



You can find more information about this notes.ini entry here. The best thing about this is that your original TCP/IP port still listens on 1352, so standard connections will continue to work.



Step 4: Modify the Server Document


Now you'll need to modify your server configuration document to enable the new port. In the Domino Directory, open the server's config document and go to the Ports tab, then the Notes Network Ports sub-tab. There you should see a new entry for your new port. If there is no entry for the new port re-start the Domino server process.



The new port's "Enabled" entry will probably be empty. Change it to Enabled and re-start the server. Watch the startup process. If you get no error messages the port should be active.



Step 5: Re-Direct Router Traffic

Use the admin settings on your router to direct port 80 traffic to the Domino server. The procedure and exact settings will vary based on your hardware.



Step 6: Create a New Port on the Notes Client

Now you need to tell your Notes client to talk to the server via the new port. This is easier than you might think.



A. Using File-Preferences-Notes Ports (or File-Preferences-User Preferences-Notes Ports for pre-8 versions), create a new TCP/IP port.

A1. Click New...

A2. Give the port a name (i.e. TCP80), select the TCP/IP protocol, and click OK.

A3. Make any other changes you like to the new port. I recommend encryption and compression.



B. Create a new connection document to use the port. Open your local Names.nsf to the Advanced view and create a new Server Connection document.

B1. Connection type: Local Area Network

B2. Use LAN Port: Select your new port.

B3. Server name: If you don't know you have no business doing this.

B4. Click on the Advanced tab...

B5. Locations: Select as you see fit.

B6. Usage priority: Normal.

B7. Destination server address: Here comes the magic. Enter the name or IP address of your server, followed by a colon and the port number. Example: myserver.net:80



C. Save and close the connection document.



D. Create any location documents you might want. This depends on how you use locations to manage your client configuration. Make sure the location document makes use of the new port, and that the new connection document makes use of the port as well.



Step 7: All done!


Now re-start your Notes client. Log in, select your new location, and try to open a database on the destination server. If you've done everything right, your Notes client will be able to reach your server from behind the firewall. I recommend testing this without the firewall first, to make sure everything is working.
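For reviewing a server configured as in Steps 3A-3C, the following added example (not part of EHT's post, and not IBM or Domino tooling) parses a notes.ini and reports every Notes TCP port whose <TCPPortname>_TCPIPAddress entry binds it to something other than 1352. The sample file contents, the function names and the IPv4-only address parsing are assumptions of this example.

```python
"""Audit a Domino notes.ini for Notes ports bound to a non-default TCP port."""

DEFAULT_NRPC_PORT = 1352  # the reserved Notes/Domino port named in the post

# Constructed sample: the entries from the post plus assumed surrounding lines.
SAMPLE_INI = """\
Directory=/local/notesdata
Ports=TCPIP,TCPIP80
TCPIP=TCP, 0, 15, 0
TCPIP80=TCP, 0, 15, 0,,32800
TCPIP80_TCPIPAddress=0,10.12.2.2:80
"""


def parse_ini(text):
    """Return notes.ini settings as a dict with lower-cased keys."""
    settings = {}
    for line in text.splitlines():
        key, sep, value = line.partition("=")
        if sep and key.strip():
            settings[key.strip().lower()] = value.strip()
    return settings


def audit_notes_ports(text):
    """List each TCP port named in Ports= with its bind address and TCP port."""
    settings = parse_ini(text)
    findings = []
    for name in filter(None, (p.strip() for p in settings.get("ports", "").split(","))):
        definition = settings.get(name.lower(), "")
        if definition.split(",")[0].strip().upper() != "TCP":
            continue  # not a TCP/IP port definition (or the definition is missing)
        host, tcp_port = None, DEFAULT_NRPC_PORT
        binding = settings.get(f"{name.lower()}_tcpipaddress")
        if binding:
            # Format shown in the post: 0,<ip>:<port>; IPv4 only (assumption).
            addr = binding.split(",", 1)[-1].strip()
            host, _, port_text = addr.partition(":")
            if port_text.isdigit():
                tcp_port = int(port_text)
        findings.append({"name": name, "host": host, "tcp_port": tcp_port,
                         "nonstandard": tcp_port != DEFAULT_NRPC_PORT})
    return findings


if __name__ == "__main__":
    for f in audit_notes_ports(SAMPLE_INI):
        flag = "REVIEW" if f["nonstandard"] else "ok"
        print(f"{flag:6} {f['name']:10} {f['host'] or '(default)'}:{f['tcp_port']}")
```

A port flagged REVIEW here should also appear as an enabled entry on the server document's Notes Network Ports sub-tab (Step 4) and as a forwarding rule on the router (Step 5).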

 

KathrynWix

Banned
08.09.2019
The product additionally lets clients spare the traded documents into Standpoint PST, EML, MSG, RTF, HTML and even in MBOX design

Bolster single and in addition different transformation all the while

Bolster minor DXL document debasements

Keep your old information unblemished even after the full change

Let clients see the changed over documents

Good with all DXL designs made by any Lotus Domino server

Runs easily on all renditions of Windows OS
 