I have a fairly nice Openfire setup on our internal network, its integrated with AD and we use groups for auto-roster population, at the moment its working very well and I am happy with it.
I would like to expand the installation to allow users to connect from their iPhones and home PC’s, but I don’t want to set up any VPN’s or allow access direct to the internal network. I am hoping that there is some way I can install a second server in the DMZ that users from outside the network can connect to, and this then passes everything between the external client and the internal server. The server in the DMZ would do no authentication, no roster storage or database connections, it would simply act as a proxy between the external clients and the internal server.
Can I install a server in the DMZ that just passes through connections to the internal server for everything? Almost like an Openfire-proxy-only server?