I would like to request that the Default Laserfiche Ports White Paper include a diagram of the different Laserfiche Products that are mentioned in the paper that shows the paths of communication with their appropriate ports between each product. It would also be nice if this included a Primary Forms server and a Forms Server in a DMZ. We get asked for this on a regular basis and it would be nice to have an official one from Laserfiche.
I have taken what Samuel so graciously put together and expounded on it a bit. If someone would like to take a look and give me any feedback on corrections or changes that need\should be made, please let me know. I am uncertain about the DMZ items.
I can provide an unofficial network port diagram with directional flows.
Though it won't cover every possible configuration, it does hit upon the flows between most core Laserfiche components. Please note that an actual load balancer/proxy is not required - that box describes traffic flows from end users. Any of the ports labeled 443 could also be 80 (unencrypted) except for those to LFDS/STS.
Please also note that the Laserfiche Activation service IP address is subject to change. You can always check it by pinging activation.laserfiche.com and seeing what the address resolves to.
All - in addition to adding generic network diagrams. Could the white paper also please provide standard differentiation between client and server applications and UDP and TCP?
The document should specify if the port is a server requirement so that the organization can specific firewall configurations of products for the server environment or end users. They should not share the same policies.
Maybe adapt the tables to list the following information:
- Source (Client/Server),
- Destination (Client/Server), and
- Port (TCP/UDP).
Knowing this information would help simplify the information to be specific to role/use.
Some of the diagrams that Sam provides could be used to provide the generalized knowledge on some of the external Microsoft / system ports often required.
Thanks for the consideration.
Is port 8188 (Laserfiche Authentication Service) used in a Rio environment?
We have a client that is seeing port 135 being used with Forms. What is communicating on that port?
We can consider this request, but one difficulty I foresee is that there are many possible combinations of Laserfiche products. There isn't going to be one definitive diagram that will apply to everyone. At best, we can show diagrams for a few common combinations.
I would also like to weigh in here, this would be a very useful resource.
I agree this would be an amazing resource.
Thanks for the suggestions. We'll work on releasing a paper including Sam's diagram (or some variant thereof).
This ressource has been really usefull to me as I'm currently also working on a diagram for one of my projects.
Regarding the diagram up, i was wondering why there is flows from the Laserfiche Server to the Web Client on 80/443 and 5051 ?