• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 864
  • Last Modified:

Accessing Domino Server over Internet via cable modem

I set up a first domino server and am trying to access it with Domino Administrator remotely at home using cable modem access.  

Domino was installed on a machine running NT 4.0 Server SP 6, IIS 4.0, Tomcat Server using IIS for http, Lotus QuickPlace also using IIS for http and a software firewall proxy (Midpoint Gold).  

Per Domino I did not load the http stack and will use the notes admin client.  I enabled port 1352 on the firewall/proxy.  

Also, their are two network cards in this machine.  One for the internal LAN and one for Internet access via SDSL router.  The network card handling Internet connections has several IP addresses configured and one is free to be used with Domino.

What do I need to do to make Domino work in this "real world" case?  When installing domino the screens just show a TCP/IP port enabled but I don't see anywhere where I can assign it to the free IP address.  

I am totally new to domino (reading book) and need help with what I need to do per the :

host file/DNS
Domino config
Proxy ports to be opened

Thanks  in advance.
  • 9
  • 6
  • 3
1 Solution
In one of the installation screens you have entered your server name.
For example: FirstServer/myDomain

than you need on WinNT in the dataset "hosts" the server name with its IP address.
For example in C:\WinNT\system32\drivers\etc\Hosts

you need this line:  FirstServer FirstServer.internet.host.and.domain.name.us

Your TCP/IP address is the CommonName of the server in the hosts file.

If you do not like this hosts file, than you can define the ip address in clinets connection documents and servers network/port definitions AND in notes.ini var TCPIP_TcpIPAddress, like here:

Any questions?

TaurusAuthor Commented:
Your comment is illegible to me.  What's with all the dots? Are you in a hurry and not typing correctly?  My server's name is pluto/ExtremeAdvance.  Please give a clear example.  Keep in mind I have two network cards.  One for the internal network and one for the Internet.  I have no idea what IP addresses or card the Domino install binded itself to.  In other words a server should be listening on a port (ip & port #) for a particular NIC.  How does the domino setup determin this?  Please be clear.

Your comment is illegible to me.  What dots do you talk about? ;-) All typing is done as required.

First of all: you have not stated wath IP address and port do you like to use for your pluto/ExtremeAdvance server.
So let us assume your IP address is
and you use the Notes standard TCPIP port 1352
This IP can be of either of the cards.
You have to see exactly this address in the output of this WinNT IPCONFIG command:
Windows NT IP Configuration
Ethernet adapter xxx3yyyZ:
        IP Address. . . . . . . . . :
        Subnet Mask . . . . . . . . :
        Default Gateway . . . . . . :

If you determine your correct IP address is, than do following.
1.) Add following line to content of this dataset  C:\WinNT\system32\drivers\etc\Hosts pluto/ExtremeAdvance

2.) Add following line to dataset content of servers notes.ini

3.) Following two lines are already present in servers notes.ini
TCPIP=TCP, 0, 15, 0

This statement nr. 3 is only to claryfy to you how to use more then one  IP addresses with one server. For example, use one address for unencrypted internal connections and the other for encrypted external connections. Than you have to add more TCPIP statements into notes.ini to enable this. But let us start firts with geting running one IP address. Important to you is: every port has a distinguish name for your server. The defaul name for TCPIP is TCPIP. But you can call it either TCP or HUGO or wath you like. You have only to name it in this three places the  same:
HUGO=TCP, 0, 15, 0

(do not change your port name to HUGO!!! it is only for clarification)

So you see, the decission wath card to use is made by you giving the server one explicite IP address.

Wath is your next question?

So long,
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

TaurusAuthor Commented:
Yes, more ?s.

3.) Following two lines are already present in servers notes.ini
TCPIP=TCP, 0, 15, 0

What is this here default specifying?  How do I ascertain what IP address is being used by notes by default.  In other words my internal NIC uses IP x.x.x.100:8080,  The NIC for the Internet connection uses IP Port(s) x.x.x.154:80 (IIS), x.x.x.155:80 (IIS), x.x.x.156 (not used/listened on), x.x.x.158:80 (IIS/QuickPlace).  Of these what does notes set up as default?  What are the four params following TCPIP=?
we two are talking different languages...

OK, one more time.

Your Domino has a server name, OK, the name is: pluto
The server is running on a mashine belongin to a TCPIP domain.
Either look on WinNT under:

On the left side is the mashine name, on the right side the domain name (if any entered)

Or, other method, look the response from WinNT command:  IPCONFIG /ALL
C:\>ipconfig /all
Windows NT IP Configuration
        Host Name . . . . . . . . . : reflector.some.company.it
        DNS Servers . . . . . . . . :
        Node Type . . . . . . . . . : Broadcast

So your complete LotusDomino internet host name is: pluto.some.company.it

This is the host name your Domino is lestening to those ports you enable in names.nsf for this server: pluto
Domino does himself resolve the ip address bound to this host name:  pluto.some.company.it

For example, if you like your pluto to listen on HTTP and SSL and LDAP, and you choose the default ports for this services, than is your pluto listening on this ports:
and for notes native protocol on

If your mashine has several ip addresses than you can chose which one is: pluto.some.company.it
You can define this in C:\WinNT\system32\drivers\etc\Hosts or in DNS server. The better choice for beginning is the Hosts dataset. It is resolved before DNS.

The notes.ini settings I told you in former comments are only interesting if you like to use more then one TCPIP addresses for your single Domeino server named: pluto
But I think this not your primary problem.

I think your primary problem is: your pluto is running fine, but you can not reach him from home; right?
This is totaly another story: this is a clasic routing problem on LotusNotes client side

Tell me if I am right. But tomorow morning I am going for sailing and will not be online for two weeks.

Please do not be confused by this notes.ini settings. Do not change anything by hand. This is Notes-registry and reflects your names.nsf settings.

So long,

TaurusAuthor Commented:
Lets see if I'm understanding.  The hostname is pluto.mycompany.com.  

Therefore my IIS servers are listening on port 80 (http) and port 21 (ftp) for at least the IP that is specified in the hosts file for pluto.mycompany.com.  And Quickplace is also running with an ISAPI dll loaded so that IIS lets it work through it.  

Now there are other IPs assigned to the NICs which IIS uses (for web and ftp sites) and which get resolved not via the hosts file but rather via a DNS server.

So then (if I understand you) Domino (by default) listens on the IP bound to the host name: pluto.mycompany.com.  This could be done either in hosts or via DNS or both.  Your reccommending to do it in the hosts file.  

Now per the ports enabled in names.nsf, I have enabled during setup only the tcp/ip port.  So I assume that domino is listening on pluto.mycompany.com:1352 but not on pluto.mycompany.com:80 or any other IP/port combinations.
Is this correct?

Further your telling me that if I want to use more than one IP address with Domino, then I can add entries to notes.ini for the additional IP addresses and even ports other than 1352.  Right?

Lastly, pluto is running fine but as you said I can't reach him from home.  What tips can you give me for this.

I set up the domino server on pluto, and then setup the admin notes client from home.  This was my first server.  Then I came into the office (since the home connection didn't work -seemed to but then didn't) and tried doing it from a local workstation.  I didn't realize that the admin. user.id was put in the admin person doc. and that it was probably fetched by the client at home.  So I spent a while trying to figure out how to detach the user.id that was no longer in the person doc.

Finally I realized what must have happened so I reinstalled the server and found the user.id in the person doc tried installing the admin. client again on a local workstation.  It asked me for port info. and wouldn't make a connection until I specified the LAN IP specifically.  Then after installing it seemed to lose this IP info. again so I had to enter it into the hosts file on the workstation.  This brings up another question.  How is Domino listening on the internal NICs IP?  The entry in hosts on pluto is for a non-internal IP.

P.S. Where do you live.  You mentioned sailing.  I live in Santa Barbara.  Are you a CLP?  
TaurusAuthor Commented:
See comment above also.  Yes I do need to have domino listening to two IP addresses.  One for LAN and one for Internet.  You said don't edit notes.ini directly.  Could you point out where to do this from the notes administrator?  Its in the config doc. right?  
Hello  Taurus,

I can  not sleep, so I type one more time some more lines to you before I have to go for travel to IJsselmeer this morning. I am living in Munich. Yes, I am CLP, havy stressed on Domino running on several S/390's. So I had many occassions to test arround untill it worked, because S/390 will allways stay a speacial environment ;-)
So is your mashine with several net cards and already running servers blocking Domino ports.
For me it seams you are very well in LAN but still have no idea how Domino uses the protocols. So allow me to start from fundamentals (also ignore my english typos; I am from Makedonia ;-)

First of all, Notes is able to use several different protocols concurently (even one proprietary protocol: PCX over COM). The problem is, Notes names this protocals "ports" with is confusing with TCP/IP ports.
I recommand to you to switch off all protocols Domino detect himself, and use only TCPIP. On Notes client you do this in menue: File->Preferencies->UserPreferencies-Ports ;-)

This is also the next recomandation: get first your Notes client accessing your serverver before traying Admin.
But it seams you have succseded in reaching from home your server. Otherwise you would not get the user.id fetched ;-)
So, from home you have surely entered an IP address where to reach your pluto server. This is your servers IP address. Let me tell you so: every IP address you can imagine as a protocol stack with his own set of sockets (called ports  ;-)
It is not a problem to use same stack from two servers, but never to use same port on same stack, OK.
So, your question is: how do I know wich stack is my pluto bound to?
Answer: goto names.nsf on server, look into server document for pluto. There is a tab Ports->NetworkPorts.
In this tab you see from left to right:
Port: this is the name you give to this protocol. Now there is TCPIP, but you can name it HUGO ;-)
Protocal: TCPIP
NotesNetwork: again a name you give this protocal to make NotesDomains. Not important for single server.
and here it comes! NetAddress: symbolic name OR numeric address this server is bound to.

Now I think is all clear to you.

Installation routine determin actualy available stacks and takes one. It enters symbolic address (pluto.mycompany.com), but you can enter without problems the numeric address into this field NetAddress. I think this is all you need.

When allready in server document, so look for TCPIP ports this server will use. You see them in the next tab: InternetPorts
There you can give your pluto another TCPIP port for HTTP (for example: 8008). So you avoid problems with IIS on same TCPIP address using already port 80.

Last comment before take off: yes, you are right. the best place to set notes.ini settings is the Configuration document in names.nsf.

But before using two IP address make your admin work from home. I recomand also some software for remote access to your server mashine ;-) like PC-Duo, CarbonCopy, PC-Anywhere...

Hope I have not confused you too much, and helped anyhow. I will stay for two weeks offline and after short four days work I have to go to holyday again ;-)

Good luck,
TaurusAuthor Commented:
Just in case you check your e-mail one more time I have quick comments/?s.

My remote (Internet via cable modem) admin. client worked for a while then when I tried to connect a few hours later failed.  Is this due to cable modem using DHCP?  What input do you have?

Second, since I was able to make connection initially, it appears Domino listens by default to all IP:1352 connections.

"Second, since I was able to make connection initially, it appears Domino listens by default to all IP:1352

Yes, I believe you are correct in that.  I noticed he's sailing, so I'll try to help you out while he's gone.

It shouldn't matter what IP your machine at home is, the server shouldn't really care.

Before I can get any more specific about setting up your server configuration I need to know what version of Domino server and client you're running.
TaurusAuthor Commented:
Sorry I didn't post sooner- for some reason I didn't get or overlooked my EE notification.

Version 5.08  Just downloaded it a week or two ago.

When I wasn't getting a connection I tried a trace.  The first trace failed but when I typed in the address and did a second trace, it connected and said it made a connection record. Then the admin client connection worked again?  

The Domino Administrator client had been working for days and now isn't again.  I'm getting a msg: "Network error: Buffer was too small".  I can ping the server and it responds.  What next with this product?  Any help is welcome.
Wow, that sounds like a whammy....I'm going to be setting up one of our servers with an external card so people can get their mail from outside.  But it sounds like it may not be a good experience.
Instead of using the actual client, try using the web-based client.

See if that works, it seems to have the same functionality as the admin client and should take up less bandwidth to use.
TaurusAuthor Commented:
I came into the office today to take a look at the problem and I get the same error when trying to connect via LAN.  I read on a post elsewhere something about problems with proxy's but I didn't really get the jist of it because it was with refence to something called bb.  

Per using the web admin, I don't have http services configured because I am running IIS on same machine.  The machine has NT 4.0 OS, IIS 4.x, Jakarta Tomcat Java servlet engine, and Midpoint Gold proxy/firewall software.
Ouch...one machine is running your firewall, your proxy, your web server, AND is your notes server?  I'm surprised it's working at all...especially the firewall/notes server part.
Firewalls tend to restrict your network cards a lot.  The fact that it's not letting you access the notes side of things makes me think that the firewall is doing something to restrict the notes port.
TaurusAuthor Commented:
I tried to post earlier but EE bombed when I hit submit and the post was lost.  

I found out when in the office that Domino wasn't running.  Yesterday the firewall/proxy that also handles mail went down (I'm only using this Domino install to practice on and get familiar, not using it for our mail).  I told someone at the office to pwr down the NT server and the router which fixed the mail problem but Domino wasn't configured to automatically restart on bootup.  So that was the problem but the error msg returned wasn't very helpfull in keying me in on it.  I'm  perplexed at what service was answering when pinged since I know now it wasn't Domino (not running) or IIS (identifies itself).  Maybe it was my firewall/proxy?

Per the comment about the firewall.  I think that Domino if well designed should easily coexist with other TCP/IP services and firewalls.  Note, I opened port 1352 on the firewall.  

For all my posts what I've gathered per Domino and TCP/IP is:(Please correct me if you find I've errored.)
1) Domino uses one TCP/IP port: 1352
2) Domino calls protocols "ports" //very poor convention
3) If one enables the Domino TCPIP port (protocol), domino will listen or attach to every "Network card attached" IP address, on TCP/IP port 1352.
4) Domino might use other TCP/IP ports if particular service, such as http, was installed.

Beyond this, and per TCP/IP Domino issues, I don't understand what Domino is doing with the host name or what it needs it for?  I suspect it might need the host name for other Domino ports (protocols) such as Netbios.

Per TCP/IP host name(s) they are resolved via hosts file or DNS.  Every host name associates to an IP address (one to one relationship). When talking about TCP/IP the host name seems irrelevant since all we care about are IP addresses and tcp/ip port numbers.  

So where in Domino can you configure it to not listen at every IP address or more specifically specify what IP addresses it will listen on.  Further, and this has me confused, why would one want to add additional Domino ports (tcp/ip protocols)?  I don't get it, but perhaps I'm confused as my TCP/IP knowledge is limited.

Hello Taurus,

I prefer answering single small questions as you asked in seven parts (not only because of the points ;-))

but here some general links for you to fetch more infos:

especialy this one is good for your firewall planning:

More details in single question parts...


PS: I am again for one week on holiday, so do not be confused if no reactions from my side... <| ;-)
Hello Taurus,

I am again online for one week ;-)
so please make comments if something is to clarify.

TaurusAuthor Commented:
Do you have any experience with Lotus Sametime?
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

  • 9
  • 6
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now