Knowledgebase: Novohit English
Port Forwarding and DNS Router Configuration for WAN Access - ENGLISH

Requirements


 

  1. Static (fixed) Public IP and FQDN (Fully Qualified Domain Name) provided by novohit (e.g. novohitmyserver.net). If you do not know your FQDN contact our help desk.
  2. Compatible Router, please check the following list of compatible Network Router.
  3. Verify your current server's local IP address and backup the Router Configuration. Our support team will communicate the IP address of the server.
  4. Verify all your PCs have their DNS configured to your LAN's gateway (.1 or .254) and NOT Google's or OpenDSN's name servers (no 8.8.8.8 to 8.8.4.4).

To configure your PC's DNS, please check this guide for Windows Vista, 7, 8.

Configurations


Please follow the instructions to configure DNS Entries and Port Forwarding on your router.

Plan ahead and notify your users. Before starting, you users should be logged out of novohit.

After finishing the configurations, you must reboot you local Server and reboot (restart) your PC Terminals. Make sure you set your PC's DNS settings and then reboot.

PC Configuration

  1. Verify all your PCs have their DNS configured to your LAN's gateway (.1 or .254) and NOT Google's or OpenDSN's name servers (no 8.8.8.8 to 8.8.4.4).
  2. Change all your Browsers home page configuration, everybody, both local and remote, should connect using the FQDN: https://novohitmyserver.net. You should NOT use your local IP address anymore.

DNS Configuration

On your Routers Administration panel, identify the DNS Entru option (usually this option is Advanced Configurations > DNS Server > Add DNS Entry). Once identified, enter a DNS entry to map your server's local IP Address to your FQDN (novohitmyserver.net). Most of our clients comply with the server's local IP address of 192.168.1.100 (1).

The final result should be something like this:

Hostname

IP Address

Source

Action

novohitmyserver.net 192.168.1.100 User Defined Edit | Delete
another-terminal-pc1 ... ... ...
another-pos-pc2 ... ... ...

Testing:

From a computer on the LAN, on a terminal or command line ping to your server's FQDN (novohitmyserver.net), the result should be the server's local address. Example:

> ping novohitmyserver.net
PING novohitmiservidor.net (192.168.1.100) 56(84) bytes of data.
64 bytes from novohitmyserver.net (192.168.1.100): icmp_seq=1 ttl=64 time=0.038 ms
64 bytes from novohitmyserver.net (192.168.1.100): icmp_seq=2 ttl=64 time=0.031 ms
--- novohitmyserver.net ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1487ms
rtt min/avg/max/mdev = 0.031/0.034/0.038/0.006 ms

If the response is NOT the local address, then check that:

  1. You computer is not using a public DNS setup (for example, google's).
  2. The router is correctly configured.

Mikrotik DNS Configuration

mikrotik

 

mikrotik

Verizon FiOS Router Configuration

 

Router DNS Example

 

Port Forwarding

ATTENTION: This list has recently changed in order to comply with the new security policies with https acces.

Before doing any changes, please verify your current server's local IP address and backup the Router Configuration. Our support team will communicate the IP address of the server.

PORT FORWARDING(1)

PORT

DESCRIPTION

22 TCP SSH Secure Shell
25 TCP SMTP Outgoing Mail Server
80 TCP Novohit Web Server
443 TCP Novohit Secure Web Server
8080 TCP Novohit Report Engine (A.R.E.)
123  UDP Global time sync
873 TCP RSync Novohit® Cloud Backup
5432 TCP Novohit Support
5901 TCP Novohit Support
5902 TCP Novohit Support
50000 TCP Call Accounting
1194 UDP Automatic Remote Printing Services
139 TCP Printing Services
445 TCP Printing Services
10050 TCP Active Monitoring Services
10051 TCP Active Monitoring Services

Please coordinate this activity as it will be necessary to reboot the Server and the Terminals.

Network Diagram

 

 


(1)
If you implemented novohit as of 2013, your local IP segment should be 192.168.x.x and the main server IP ends in .100 (e.g.: 192.168.1.100). Some exceptions may apply.

IMPORTANT: Routers must be professional or Industrial Grade. Home-grade routers have several limitations that will degrade or block some services. You must disable Router Remote Managing on port 8080 as it conflicts with novohit's Report Engine. Refer to your router manual.


Update: May 2014