Firewall question
Pete Dickens
10-14-2008, 06:17 AM
University of Bristol policy dictates that all port 80 and 443 communication from the outside world to any services running inside the main firewall have been blocked.
So in order to allow any external communication into the metivision software we would need to ask for port 443 to be opened - which is https.
All it means is that the web server which runs the metivision software would need to be set up with an SSL certificate from the JANET CA, which is the one we use, and listening on port 443.
Does this make sense, and more importantly, is it possible?
Thanks
Crismon
10-14-2008, 09:51 AM
Hi Pete
I guess I'm semi-understanding your question. So the university says that port 443 must be closed, but they'll make an exception if the metivision system is configured with a certificate?
If they won't open the ports though, your other option is to put the metivision machine in a DMZ outside the university's main firewall. As the metivision machine is configured, it would mean that users INSIDE the university would be going "out and then back in" to view a metivision session though.
My best advice would be for you to get your university's IT people in touch with our engineers here at METI. I'm sure we can figure a way for it to work.
Pete Dickens
10-15-2008, 09:13 AM
I'm PMing you the email address of our Departmental IT Officer. If that could be passed on to your engineers that would be much appreciated.
PETE
Pete Dickens
05-13-2009, 06:11 AM
Dear METI,
In order for us to progress with the system, we need to open it up to users from the University, but not on the University network. To do this, we need the web service on the machine to use web secure services, running on port 443.
For this to happen, we would need to initially generate a certificate and need root & command line access to the box to do this. We will then need the same access to install the certificate and help with configuring the installed web service to provide secure services.
Can you help with this?
PETE
mbonner
05-14-2009, 01:08 PM
Hi Mr. Dickens,
At this time we do not support running METIVision in the fashion that you are asking about. We have identified this network configuration as a feature that we would like to support and have included it in our development plans for the future. Currently there has not been a release date set, but we will be sure to update you when this feature is available.
In the meantime, setting up a DMZ zone specific for the METIVision system has proven a successful alternative and achieves many of the same results I believe you are looking for. We are more than willing to discuss our options further and work with your facility to orchestrate a solution that best fits your needs.
Best Regards,
Michael Bonner
Audio Visual Specialist, METI