You are viewing limited content. For full access, please sign in.

Question

Question

Default Laserfiche Ports Diagram

asked on January 17 Show version history

I would like to request that the Default Laserfiche Ports White Paper include a diagram of the different Laserfiche Products that are mentioned in the paper that shows the paths of communication with their appropriate ports between each product. It would also be nice if this included a Primary Forms server and a Forms Server in a DMZ. We get asked for this on a regular basis and it would be nice to have an official one from Laserfiche.

16 0

Replies

replied on January 22 Show version history

Hi all,

I can provide an unofficial network port diagram with directional flows. 

Though it won't cover every possible configuration, it does hit upon the flows between most core Laserfiche components. Please note that an actual load balancer/proxy is not required - that box describes traffic flows from end users. Any of the ports labeled 443 could also be 80 (unencrypted) except for those to LFDS/STS.

Please also note that the Laserfiche Activation service IP address is subject to change. You can always check it by pinging activation.laserfiche.com and seeing what the address resolves to.

Laserfiche Data Flows - Generic - 2019-01-21.png
2 0
replied on January 23

@████████, thank you for this! This is a great start. We look forward to an official diagram in the future.

1 0
replied on January 23

What is port 389 used for? I do not see that port listed in the Default Ports document.

0 0
replied on January 23

389 is active directory port. 

1 0
replied on January 23

Thank you Chris.

0 0
replied on January 18

We can consider this request, but one difficulty I foresee is that there are many possible combinations of Laserfiche products. There isn't going to be one definitive diagram that will apply to everyone. At best, we can show diagrams for a few common combinations.

1 0
replied on January 18

Leif, I understand that everyone's setup could be any number of combinations of servers and products. I think what would be the most helpful is to show a diagram with each Laserfiche product (regardless of what server they sit on) and the communication paths that happen between each product and on what ports.

From that I can communicate to the client what Laserfiche products sit on which of their servers and translate it, but right now we don't have any official document from Laserfiche to go off of to start.

4 0
replied on January 21

If possible, having directional arrows that show if the port is used for an outbound communication or an inbound one would be helpful.

1 0
replied on January 21

This would be extremely helpful.

0 0
replied on January 21

I would also like to weigh in here, this would be a very useful resource.

1 0
replied on January 23

I have taken what Samuel so graciously put together and expounded on it a bit. If someone would like to take a look and give me any feedback on corrections or changes that need\should be made, please let me know. I am uncertain about the DMZ items.

1 0
replied on January 23

I do understand that there are situations where the DMZ setup for Forms may be different, but I am assuming that if they are that someone would just follow the "Hosting Laserfiche Forms 10 In a Perimeter Network (DMZ)" white paper. There could also be more than 1 DMZ server and communication with those would need to be figured out for an STS instance as well.

0 0
replied on January 18

I agree this would be an amazing resource. 

0 0
replied on January 22
0 0
replied on January 28

Thanks for the suggestions. We'll work on releasing a paper including Sam's diagram (or some variant thereof).

0 0
replied on January 28

Please make sure it includes a DMZ as that is usually the main issue since firewall configurations are more likely needing adjustments going from the internal network to the DMZ. The majority of the time internal communications between servers are not blocked.

2 0
replied on January 29

Is port 8188 (Laserfiche Authentication Service) used in a Rio environment?

0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.