Community Tip - New to the community? Learn how to post a question and get help from PTC and industry experts! X
Good morning i'm SeonHo
i have question about external access ..
Windchill is said to be web-based.
Web-based means that you can access from outside if you have a valid account or privilege.
However, it can only be accessed within the network where the Windchill installed server is located.
In order to allow external access, all of the firewalls are released, port 80 is opened, and port forwarding is set to internal IP installed with Windchill.
When you access Windchill, the PTC logo and login pop-up appear, but after logging in, an error is displayed and you can not access Windchill.
I tried external access through a reverse proxy, but this was also possible only on the internal network.
I would like to access Windchill even when using an external network due to my business trip, not my internal network.
Let me know how to configure it
Please tell us which section of the document you need to refer to or how to access it externally.
Thank you.
Solved! Go to Solution.
No, only an Apache server in the DMZ. It's the reverse proxy.
 I don't understand this question , but the reverse proxy configuration is done ... on the reverse proxy,  in the DMZ.
It does the URL rewrite job, changes the server name between internet and the intranet, and eventually the port number.
Yes, it's wiser. Not mandatory but wiser
First, for safety. HTTP is not safe at all...
Second, if you need to access to applets ( admin task) you need to setup RMI tunelling, and HTTPS is a prerequesite to this.
On the reverse proxy server.
Hi,
Yes, reverse proxy is the solution.
The main reason lies in the way PDMLink generates URLs.
These URLs use the internal name of the server, so they can't be used on an extranet...
If it doesn't work, something's wrong in yout configuration !
Documentation : http://support.ptc.com/help/windchill/wc110_hc/whc_en/index.html#page/Windchill_Help_Center%2FWCAdvDepNetworkConfig_ReverseProxy.html%23
Thanks olivierfresse
I'll give you some confirmation, let me know if I'm right.
First, it need two Windchill for reverse proxy configuration?
Second, Windchill was configured reverse proxy in DMZ and point it inside the original Windchill?
Third, should you use HTTPS only to allow external access with a reverse proxy configuration? Is that correct?
Finally, where does ProxyPassReverse or ProxyPass work? Is ProxyPass the original Windchill? Or is Windchill with a reverse proxy configuration?
thank
No, only an Apache server in the DMZ. It's the reverse proxy.
 I don't understand this question , but the reverse proxy configuration is done ... on the reverse proxy,  in the DMZ.
It does the URL rewrite job, changes the server name between internet and the intranet, and eventually the port number.
Yes, it's wiser. Not mandatory but wiser
First, for safety. HTTP is not safe at all...
Second, if you need to access to applets ( admin task) you need to setup RMI tunelling, and HTTPS is a prerequesite to this.
On the reverse proxy server.
thank you for answering.
Is "Apache Server" referring to the software you download from Oracle?
Or is it referring to PSI's http server?
The PSI one !
I only need to install an http server from an independent component, right?
Th easiest is to install Apache from PDMLink's installer, no need to download another one
thank you!
i'll try set reverse proxy
Not able get the end result.
Hi,
If you cannot get the same result as a result of configuring a reverse proxy, we recommend configuring a VPN.
Since one additional PC is required for the reverse proxy configuration, we have succeeded in external access using a router that supports VPN.
Alternatively, you can accept external access using external IP and port forwarding.
However, if you use an external IP, it is vulnerable to attacks such as ransomware, so please take note of this and work.
Regards.
Hi,
yes of course using vpn, but I need to use with the reverse proxy only, any one can reply on this..
All the configurations are done but if i log in the wc app server automatically host id is changing and getting the Internal server error.
regards,
Hariharan.
 
					
				
				
			
		
