So I've got Server 8 running on OSX, and have been trying to make Server
Admin work, to no avail.

The server sits inside a ZyWall firewall, on a DMZ segment [192.168.1.44,
to be exact..] that's mapped such that its public address {say} 1.2.3.4
ports 5003, 50003 & 50006 are mapped to 1.44 ports 5003/50003/50006.

I can do Admin functions from that DMZ segment. I can not from elsewhere.
I can do remote database operations from outside.

Confused and frustrated; I used Ethereal aka Wireshark to collect traces
in both the on & off DMZ cases and sent them to a TCP/IP guru friend.
[He knows nothing of Filemaker; but assuredly know his packets...]

He looked through them and reports that the last thing that happened in
the off-DMZ [aka failure..] case was the Admin client on my end attempted
to send a packet to .....192.168.1.44 & sure enough that failed. So
that means in the previous exchange, the Server must have said "I'm at
192.168.1.44" to the client.....

My guru was astonished that Filemaker would ever do something this
....well.. self-defeating. Seems this kind of bug was a known issue
decades back when NAT and LANs started appearing. He wonders if there's
some setting I'm overlooked on the Server where I tell it "you are really
at 1.2.3.4; don't listen to ifconfig" or such. [Not that there SHOULD be
needed; but it would be a workaround....]

{This also explains why attempts to run Admin over a ssh tunnel to the
box fail.}

Can anyone comment on this? Do you have Admin working to a server on a
DMZ segment; and if so, how'd you get it going? I find it hard to believe
it's really the case that a server can not be on a segment, but from what
little I know, and the trace results; that appears to be the case...





--
A host is a host from coast to coast.................wb8foz (AT) nrk (DOT) com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433

I have found other reports confirming this issue.

Filemaker Inc's response seems to be of the "THAT? That's not a bug, it's
a feature..." flavor...

--
A host is a host from coast to coast.................wb8foz (AT) nrk (DOT) com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433

On Jul 11, 4:25 pm, David Lesher <wb8... (AT) panix (DOT) com> wrote:
If that's the case perhaps a solution would be either a terminal or
web proxy on the DMZ segment?

-Dave

d-42 <db.porsche (AT) gmail (DOT) com> writes:


The solution is for FMI to fix their bug.

The workaround is to use a VPN to the DMZ segment...


--
A host is a host from coast to coast.................wb8foz (AT) nrk (DOT) com
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433