Dear fellow committees,
We are in the midst of publishing NAM 2018 Server to the internet. As all of you may have known, port 4183 have to be published publicly for authentication purposes. Unfortunately, this request was rejected by security team as it fails to comply with their organization's policy. Only port 80/443 is permitted to be published to the internet.
For the record, NAM Server and NAM Console are currently residing inside a same physical server. Both services are using the same set of SSL certificate/domain name.
Hence we suggested to separate both NAM Server and NAM Console into two different server. By doing so, we can have two public IP so that each request (Login/Authentication) can be routable. So the question is:
1. Can we bind NAM Console port to 443 if its now a standalone service in different server?
2. Are we able to reuse the same SSL certificate/domain name for NAM Console?
3. Most importantly, how feasible is the suggestion above?
Appreciate your input.
Solved! Go to Solution.
1. Yes, you can run Console on port 443 as long as it is not occupied by any other service.
2. Using the same name for two different machines is not something I would do. You should have two different certificates with different names or wildcard certificate for multiple hosts.
3. Keeping Server and Console on separate machines is of a good solution for port issue. Another would be to install some kind of reverse proxy like nginx to remap console port.