FoxTrot Search Forum
FoxTrot Search for macOS Forum

Home » Public Forums » FoxTrot Search User Forum » Access through VPN (Trouble accessing server or indexes via VPN)
Access through VPN [message #1135] Sun, 10 January 2021 23:26 Go to next message
Mr.X
Messages: 5
Registered: October 2020
Junior Member
Users are behind a VPN and we are having a lot of difficulty accessing the server or the index via the custom port. Can see the server but not get access to the indexes. Even if files can't be retrieved just being able to search the index would be nice.

Any ideas or help would be nice. Thanks.

[Updated on: Sun, 10 January 2021 23:26]

Report message to a moderator

Re: Access through VPN [message #1138 is a reply to message #1135] Tue, 12 January 2021 10:22 Go to previous messageGo to next message
FoxTrot Engineering
Messages: 351
Registered: April 2020
Senior Member
When accessing FoxTrot Server through a firewall, a VPN, or a NAT port forwarding on a router, you should ensure that:
- the ports used are not blocked by some rules of the firewall
- the public ports (on the router or VPN) are forwarded to the actual ports used by FoxTrot Server

FoxTrot uses one port for the server itself, plus one port for each index. Use a range of ports large enough to accommodate the number of indices you have, with extra slots in case some of the ports in this range are already used by some other processes.

When using NAT port forwarding, you can either forward to the same port range (e.g. forward port range 50000-50029 on the router, to port range 50000-50029 on the server), or to a different range (e.g. forward port range 40000-40029 on the router, to port range 20000-20029 on the server).

Retrieving the files requires that file sharing is correctly configured on the OS and on the VPN (this part is completely independent of FoxTrot); then that "File Sharing integration" is enabled and correctly configured in the "sharing" pane of the index, so that the path of the found files, as seen by the server, can be translated to the path that can be used on the client, if different.


Jérôme - FoxTrot Engineering
Re: Access through VPN [message #1139 is a reply to message #1138] Tue, 12 January 2021 15:55 Go to previous messageGo to next message
Mr.X
Messages: 5
Registered: October 2020
Junior Member
Thanks for answering. I didn’t know a port range per number of index used is needed.

Is the port range set in the fox trot search server? I only set one port which was my understanding of what it wanted. I will ask the firewall admins to open a range of ports. The clients when they connect then will connect to the first port? Or to the IP then the port range will be used? Sorry the lack of documentation and examples makes this difficult.
Re: Access through VPN [message #1140 is a reply to message #1139] Tue, 12 January 2021 21:37 Go to previous messageGo to next message
Mr.X
Messages: 5
Registered: October 2020
Junior Member
the language in server dialog is confusing. and it doesn't mention the ports needed by each index. but thanks for the info. It's important and could be very useful in a secure environment.

I set a fixed port of 50,000. Then I told my firewall admin about it. I can access the server but not the index. Makes sense when you say I need more ports.

You're saying that a port is needed by the server and each index. And maybe more (in case some are used "by some other process")?

So I should try adding a range of ports to the list required by firewall admin.

Re: Access through VPN [message #1141 is a reply to message #1139] Wed, 13 January 2021 08:41 Go to previous message
FoxTrot Engineering
Messages: 351
Registered: April 2020
Senior Member
In the "FoxTrot Search Server" application, you only configure the required settings to allow you to use "FoxTrot Search Admin" remotely: a self-signed certificate, an admin login, and a port for the server.
Then, using FoxTrot Search Admin, you can configure the other settings: a CA-signed certificate, the list of users, and the port range for the indices.
The port range for all the indices is configured in the "sharing" pane of the server, as well as the list of users. Each index picks up the first available port in the range, and the server (which uses the fixed port) is responsible to announce to the clients the port number used by each index.
Then for each index, in its sharing pane, you configure the access rights of the users, and the file sharing integration (so files can be found by the clients when their path is different than the path seen by the server).


Jérôme - FoxTrot Engineering
Previous Topic: What is the best way for a new user to learn FoxTrot Pro 7
Next Topic: Cannot Login to Local Host
Goto Forum:
  


Current Time: Sun Feb 05 21:07:14 CET 2023