63

ClockWatch User's Guide

< Prev     index     Next >

< Prev       Next >

Using ClockWatch Behind Firewalls

Firewalls are common in networks to separate the LAN users from the World Wide Web. A firewall is a server or application that serves as an intermediary between the LAN users and the Internet. Applications needing access to the Internet must talk to the firewall for access to the outside.


ClockWatch normally uses the Internet to connect to the timeservers of the National Institute of Standards and Technology (NIST) or other timeservers. Beginning with version 1.3, ClockWatch can be configured to work behind a proxy server.


There are several approaches that can be used to connect ClockWatch to the Internet through a firewall. In general, these approaches involve configuring the application to work with the server. In some cases configuration of the server is also necessary.


Steps to configure ClockWatch behind a firewall.


1. Check if re-configuration is necessary behind the firewall:

Install ClockWatch and see if it works.

2. If ClockWatch can't communicate directly over the Internet, find out the type of firewall is in use from the network administrator:

If the firewall is a proxy server, one option is to use port mapping.

If it is a SOCKS (Socket Secure) Server
, then one option is to use SOCKScap application wrapping.

Both options are described below.


Port Mapping & TCP Bridging

Port mapping and TCP bridging allows for an unused port on the proxy server to be configured to contact the timeserver on behalf of ClockWatch. ClockWatch sends the request to the proxy server using the port specified. When the proxy server receives a request on that port it "maps" or "bridges" the request to the address and port configured on the proxy server over the Internet. The response from the timeserver is then relayed back to ClockWatch.