The Front-end server is accessed by a variety of clients and from multiple locations. For performance and security reasons, they are divided into two groups;
- Clients from the inside of the of the firewall (LAN)
- Clients from the outside of the of the firewall (WAN)
To support these groups, the Front-end server has two ports available; An Internal port and a Public port, shown below as I and P1. Basically, the two ports delivers the same functionality to all clients, but the Public port does not allow access to statistics (/statistics), the log file (/log) and the info page (/Info/all). The Internal port is the main port of the Front-end server and is used to access the server from within the organization.
The base agents are given one or two addresses for communication with the Front-end server.
- An address to the Internal port I (FrontendServiceInternalUrl). This is the main and preferred port.
- An address to the Public port P2 (FrontendServicePublicUrl). This is the port that the base agent will fail-over to if the Internal port is unavailable (When the computer is away / the employee works from home / the computer is located at a remote location without a VPN connection)
The Firewall must then redirect incoming calls on P2 to the Front-end P1.
The internal port can be altered in the System Administration plugin or by command line argument /internalport=<port>. The default port is 80.
The public port can be altered by command line argument /publicport=<port>. The default port is 7777.
- To disable encryption on the internal port use the command line argument; /internalencryption=false.
- To disable encryption on the public port use the command line argument; /publicencryption=false. (not advised)