We've been using FM for a long time, with FMS, FMP, FMGo, WebDirect and CWP. For years we had a 2-machine FMS setup so that we could keep the DB server behind the firewall, and the WPE outside. This worked well: WebDirect was accessible to anyone on the Internet (password protected, of course), but to reach FMS Admin Console or to open a hosted DB (or see DBs in the Open Remote Launch Center), the person had to either be onsite or on the VPN.
We've recently upgraded to FMS16, which I know changed port requirements for a 2-machine config. We couldn't figure out how to open up WebDirect to outside the network, so we (temporarily?) switched to a 1-machine config (also because 16 is supposed to be tons better for WebDirect on a 1-machine than pre-16). Anyway, now on the 1-machine, we've got outside access to WebDirect but we've also got outside access to the FMS Admin Console & to the hosted DBs -- incl. seeing them in the OpenRemote/LaunchCenter .
I know we can set FMS to require users to enter username/password to "List only the databases each user is authorized to access”… But is there any way to achieve our goal of:
- WebDirect accessible to the outside world
- FMS Admin Console and FMP OpenRemote only accessible to in-network / on VPN
Lastly, the head of IT would like to put the DB server fully back inside the firewall, as we'd done pre-16. Is this still possible? (in a 2-machine setup)
Thanks very much,