For the solution with another Openfire server, how can I run a copy of the original Openfire server? How can I create the copy? How do I establish the interconnectivity between both servers? Are federated servers necessary? Is the solution simple?
Thank you for your response.
Actually, you don’t want to make a straight copy of Openfire, but rather make 2 different installations of Openfire: one in the DMZ, and one internally. (ext-jabber.domain.com and int-jabber.domain.com, for example)
So, on a different server machine (either a physical or virtual machine, makes no difference) that is in the DMZ, you install Openfire, and set it up to allow connections from the Internet/office network outside your own LAN for your users who are outside the company. You can choose here to authenticate against a different company user database (that isn’t using Active Directory), by using the embedded one with manually created different users you want to give access to the company jabber server.
In the server to server setup, you tell it to only allow server connections from your other Openfire server with a whitelist (server settings > server to server > allowed to connect : whitelist). This way, the “external” users can only see the DMZ Openfire server, but can still chat with “internal” users, and the internal server and Active Directory are not in any way exposed.
See also the small image I slapped together, hope that clarifies what you could do. It’s relatively easy to set up, and you can do a lot more than what I just said with it, like automatic grouping/rosters, filtering traffic, etc, but this is the basic setup.
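A reachability check for the two-server layout described in the answer above, as an added example that is not part of the original posts. It assumes the XMPP default ports (5222 for clients, 5269 for server to server) and a firewall policy inferred from the post; the `EXPECTED` matrix and the vantage names are illustrative.

```python
import socket
import sys

# Hostnames are the examples used in the post. Ports are the XMPP defaults
# (assumption): 5222 client-to-server, 5269 server-to-server.
EXT, INT = "ext-jabber.domain.com", "int-jabber.domain.com"
C2S, S2S = 5222, 5269

# Assumed policy, per vantage point: True means the port should accept TCP.
# This checks network exposure only; the S2S whitelist itself is enforced
# inside Openfire at the XMPP layer and is not exercised by a TCP connect.
EXPECTED = {
    # Outside users reach only the DMZ server's client port.
    "internet": {(EXT, C2S): True, (INT, C2S): False, (INT, S2S): False},
    # The DMZ server needs only the S2S port of the internal server.
    "dmz": {(INT, S2S): True, (INT, C2S): False},
}


def tcp_probe(host, port, timeout=3.0):
    """Return True if a TCP connection to host:port succeeds."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, timed out, unresolvable name, ...
        return False


def audit(vantage, probe=tcp_probe):
    """Return (host, port, expected, observed) for each policy mismatch."""
    findings = []
    for (host, port), expected in sorted(EXPECTED[vantage].items()):
        observed = probe(host, port)
        if observed != expected:
            findings.append((host, port, expected, observed))
    return findings


if __name__ == "__main__":
    vantage = sys.argv[1] if len(sys.argv) > 1 else "internet"
    problems = audit(vantage)
    for host, port, expected, observed in problems:
        want = "open" if expected else "closed"
        got = "open" if observed else "closed"
        print(f"{vantage}: {host}:{port} expected {want}, got {got}")
    sys.exit(1 if problems else 0)
```

Run it once from a host outside the network with `internet` and once from the DMZ machine with `dmz`; a non-zero exit status means the observed exposure differs from the intended layout.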