Configuring Access to the Web Server Using TPPM

If a firewall is placed between the Web Server and Web Console computer, you must configure third-party ports to open connections to the Web Server through the Web Console computer. This is useful when you have installed the Web Console in a perimeter network to provide global access for external users.

Before You Begin

  • Make sure the computer that will be providing Web Server services has the Web Console software installed on it.
  • Make sure the firewall is already configured for this access. This scenario (the Web Server opens the connection to the Web Console) requires that the SnapProtect Firewall be configured. For instructions, see setting up a one-way firewall (CommServe connects to client) using predefined firewall topology or advanced firewall settings.


  1. In the CommCell Browser, right-click the Web_Server_client and click Properties.
  2. In the Client Computer Properties dialog box, click Network.
  3. On the Firewall Configuration tab, click the Options tab.
  4. Select Access Web Server via following proxy. This option automatically enables the IIS port (dynamic) on the computer hosting the web server for third-party connections.
  5. Select the Web Console computer from the Remote Proxy list.
  6. In the Port Number box, specify a port to be used by the Web Console computer to access the Web Server. This is a local port in the Web Console computer that will be mapped to access the Web Server.
  7. Click OK.
  8. In the CommCell Browser, right-click the name of each computer that uses Third-Party Port Mapping (TPPM), and then click All Tasks > Push Firewall Configuration.
  9. Verify that your firewall configuration was pushed successfully by looking for a firewall push event in the Event Viewer.
  10. Restart SnapProtect Tomcat services on the Web Console computer.