Re: Server-to-server support

I think that I understand what Josh wants and it is exactly what I am looking for.

Here is the scenario

I have set up a jabber server inside of my organization and we have a significant # of users logged in using the system. All is good here.

I would like to put a second server up in my DMZ, which would be accessible to the Internet for remote employees to use (only when working remotely) that they could attach to. I would then configure some ACL’'s between the two hosts so that they could communicate to the internal server. Also, I would disallow inband account creation and so forth on the external server.

This would alllow remote employees to logon to the outside jive server and make a connection to the inside users on the inside.jive server without having to have 2 independent accounts and separate rosters.

My primary goal is to keep all instant messaging to remote employees and internal employees directly on our own instant messenging servers (rather than allowing AIM, ICQ or some other centralized server to get in the mix). However, i don’‘t want to make our internal jive server open to the internet and I don’'t want to allow non-employees to create accounts on the outside jive server.

At the present time, employees have to make a VPN connection to the network and then just run the client of their choice to connect to our internal jive server.

Note: I branched this from an existing thread since the original thread was quite old.

It sounds like s2s support will work great for this situation. You can configure the server to only support s2s between one another in the admin console. If you run into any problems, let us know!

-Matt

actually, s2s does NOT work at all like this (at least I don’'t think it does).

With S2S, I would have account@server1.example.com and account@server2.example.com. If I wanted to send a message from server1 to server2, I would have to create a contact in my server1 roster for the person on server2. This is exactly what I wanted to avoid.

I want a server available to the internet which can be locked down, (no in-band account management, etc). I want a server available on the internal network (which is much less restrictive).

When I am traveling, I want to logon to the server available to the internet and have the same roster list, etc as the server on the inside.

However, it appears that I would have to create contancts for all users on the inside as S2S sees this as two disparate messaging systems rather than two nodes of the same system working in tandem with one another.

Please correct me if I am wrong.

Message was edited by:

pparks1