cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Community Tip - When posting, your subject should be specific and summarize your question. Here are some additional tips on asking a great question. X

Windchill access to external vendor

RajeshBalasunda
2-Explorer

Windchill access to external vendor


We would like to provide access toexternal vendors outside of our firewall to our windchill application (we intend to create aproject, in which we willshare the required information and provide access to that project for the vendors)


Is reverse proxy the only way to acheive this, or is there any other way toget this done.If someone has already configured the windchill app to work with the external vendors, could you please share your experience with me. Also if someone has a document which describes how this could be achieved, that will be really great.

Thanks.


Regards,

Rajesh Balasundaram

4 REPLIES 4

To allow external access you need to expose a web server (preferably with SSL on port 443) to the public with a publicly routable URL. The best way to do it depends on your budget and existing infrastructure. We normally setup external access using one URL for all users, eg windchill.domain.com, and split DNS. The internal DNS server will give out the LAN IP address, while the public DNS server gives out the public IP address.

The two ways to expose a web server from an LAN is a port forward on your external firewall, or a reverse proxy in your DMZ. The port forward option is the easiest, but offers no additional security. The reverse proxy option gives you additional flexibility and more security. For example the Apache server on the external proxy could authenticate off a different LDAP server from your internal Windchill system.

I posted a comment to

Do you have vpn access for employees? Our IT team provides a vpn connection to suppliers that only allows them to see the Windchill server. The supplier only has access to the Windchill project.

John

I use port fowarding on on my firewall, and limit access to the vendors IP address, and the port is also on a time schedule. I created a subdomain on my DNS to point to the server.

Hello



Our Windchill is not accessible directly from the internet for security reasons. Users must first connect to our intranet.



When at the office, WI-FI and LAN allow direct access but outside the office, (home, hotel, airport etc...) we use a vpn connection which connect us to our intranet and then we can access Windchill


This is also the technique we use with our external suppliers and sub contracts and it works very well for us.



Regarding access to PDMLink or ProjectLink is not done for us via VPN but access permission for in Windchill



In Reply to Rajesh Balasundaram:




We would like to provide access toexternal vendors outside of our firewall to our windchill application (we intend to create aproject, in which we willshare the required information and provide access to that project for the vendors)


Is reverse proxy the only way to acheive this, or is there any other way toget this done.If someone has already configured the windchill app to work with the external vendors, could you please share your experience with me. Also if someone has a document which describes how this could be achieved, that will be really great.

Thanks.


Regards,

Rajesh Balasundaram


Announcements


Top Tags