1632


Topic:

The following information is required to set up an Internet-facing SDConnex Server.
There are two methods by which the customer can set up an Internet-facing SDConnex Server. This is required for customers whose equipment must be manageable when off the corporate LAN.

1. SDConnex running on a server in the DMZ
2. SDConnex running in LAN with Port Forwarding from Internet-facing address to in-LAN SDConnex server

Product version affected:

All SES versions

Environment (OS/hardware/software):

Please refer to the WinMagic website for the SecureDoc Enterprise Server system requirements:
http://www.winmagic.com/support/technical-specifications

Steps to Follow:

Please refer to the screenshot below for all of the TCP/UDP ports required to configure the SES and SQL server.



1. SDConnex running on a server in the DMZ

The first method, probably the more secure in terms of network security, is to set up an additional SDConnex service running on a server in the network DMZ (demilitarized zone: a protected area outside the corporate LAN but behind its own firewall).
In this case, it will be necessary to provide a link between the SDConnex server and the SQL Database server hosting the SES database.
The ports that must be opened in the firewall that sits between the DMZ and the corporate line-of-business LAN are: 1433 for SQL database connectivity, and 1434 for SQL broadcast.
So, the flow of information for devices connecting over the Internet is as follows:
Device traffic on defined SDConnex port (default=Port 7300) --> Internet --> SDConnex address on DMZ Firewall --> SDConnex Service
The flow of information between this in-DMZ SDConnex server and the SQL Server is:
SDConnex traffic on ports 1433 and 1434 --> SQL Server address on DMZ to LAN firewall --> SQL Server in LAN network.
Please refer to the screenshot above.
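
The following is an added example, not WinMagic code: a small audit that checks a firewall rule export against the three flows method 1 requires and flags any allow rule wider than those flows. The zone names, IP addresses and rule-tuple format are constructed for illustration, and the protocols are an assumption (the article gives port numbers only; a SQL Server default instance listens on TCP 1433 and the SQL Server Browser service on UDP 1434).

```python
import ipaddress

# Constructed addresses; replace with the real SDConnex and SQL Server hosts.
SDCONNEX_DMZ = "192.0.2.10"
SQL_LAN = "10.0.0.20"

# Flows required for method 1: (source zone, destination host, protocol, port).
# Protocols are an assumption, see the lead-in.
REQUIRED = [
    ("internet", SDCONNEX_DMZ, "tcp", 7300),  # devices --> SDConnex (default port)
    ("dmz", SQL_LAN, "tcp", 1433),            # SDConnex --> SQL database
    ("dmz", SQL_LAN, "udp", 1434),            # SDConnex --> SQL broadcast
]

def covers(rule, flow):
    """True if allow rule (src_zone, dst_cidr, proto, ports) permits the flow."""
    r_src, r_dst, r_proto, r_ports = rule
    src, dst, proto, port = flow
    return (r_src == src and r_proto in (proto, "any") and port in r_ports
            and ipaddress.ip_address(dst) in ipaddress.ip_network(r_dst))

def audit(rules):
    """Return (required flows no rule permits, rules wider than a required flow)."""
    missing = [f for f in REQUIRED if not any(covers(r, f) for r in rules)]
    excess = []
    for rule in rules:
        src, dst, proto, ports = rule
        net = ipaddress.ip_network(dst)
        # A rule is exact only if it names one host and every port it opens
        # corresponds to a required flow for that source zone and protocol.
        exact = net.num_addresses == 1 and all(
            (src, str(net.network_address), proto, p) in REQUIRED for p in ports)
        if not exact:
            excess.append(rule)
    return missing, excess

# Constructed rule sets: one scoped to the article's flows, one over-permissive.
TIGHT = [
    ("internet", "192.0.2.10/32", "tcp", [7300]),
    ("dmz", "10.0.0.20/32", "tcp", [1433]),
    ("dmz", "10.0.0.20/32", "udp", [1434]),
]
LOOSE = [
    ("internet", "192.0.2.10/32", "tcp", [7300]),
    ("dmz", "10.0.0.0/24", "any", range(1, 65536)),  # DMZ may reach the whole LAN
]

if __name__ == "__main__":
    for name, rules in (("TIGHT", TIGHT), ("LOOSE", LOOSE)):
        print(name, audit(rules))
```

The LOOSE set passes a connectivity test because SDConnex can reach SQL Server, but the audit reports its DMZ-to-LAN rule as excess: it lets a compromised DMZ host reach every LAN address on every port.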

2. SDConnex running in LAN with Port Forwarding from Internet-facing address to in-LAN SDConnex server

Alternatively, it would be possible to have a Port-Forwarding rule on an Internet-facing address on the corporate firewall that routes all traffic on the SDConnex port (default=Port 7300) to an SDConnex server on the corporate LAN.
If using Port Translation, the Internet-facing address could accept traffic on some port number other than 7300 and then translate that to Port 7300 (or whatever port SDConnex is listening on) on the inside of the LAN.
This method does not require any specific work to be done between SDConnex and the database, as it leverages an existing, traditional in-LAN SDConnex configuration.

Internal Reference:

https://confluence.winmagic.local:8443/pages/viewpage.action?pageId=10944520