Using the Routing Server with BitWise Professional by Kevin Hock, BitWise Client Programmer Document Revision 1.0.2, April 6th, 2005 Overview BitWise Professional users enjoy complete isolation and privacy from other BitWise users while still being able to establish direct connections both in and among different locations (such as offices in different cities), even without a VPN linking all of the locations. This is possible by using the BitWise Routing Server, a small application that can be run on any desktop PC (or on a dedicated server, if desired), acting as a bridge between the Internet and your Intranet. The Routing Server is the key to both interoffice connections as well as ensuring isolation from other BitWise users. This document describes how the Routing Server provides these services. If you are using a VPN, you most likely do not need the Routing Server, refer either to the Getting Started documentation or the Dual IP white paper. BitWise Routing Server for Interoffice Communications BitWise is based on direct connections, which are required in order to use many of BitWise's features such as whiteboards, conferences and file transfers. The Dual-IP Technology (detailed in a separate White Paper) makes it possible for seamless intra office connections, but interoffice connections require the Routing Server in cases where the same Internet IP address is shared by some or all of the Intranet computers. Many small offices are set up using network address translation (NAT), where all of the computers share a common IP address on the Internet, and IP address such as 192.168.1.100 are given to the computers on the Intranet. If there were only one computer on the Intranet using BitWise, it would be easy to set up port forwarding to always send port 4137 connections to that specific computer. However, with multiple computers on the Intranet using BitWise, this strategy would only allow one computer to accept incoming connections. For more than one computer on the Intranet to be able to have direct connections with computers on the Internet, there must be a program to analyze incoming BitWise connections (port 4137), determine the intended recipient, and forward it to the correct Intranet PC.. The BitWise Routing Server acts as an intermediary between the Internet and your Intranet by "guiding" incoming BitWise connections from the Internet to the correct Intranet computer. By setting port forwarding of port 4137 to forward to the computer running the Routing Server, the Routing Server can analyze the connection data and can connect to the correct Intranet user so that the direct connection is complete. The Routing Server simply holds a connection to the Internet client and the Intranet client and shuffles data between the two connections. No compression or encryption is performed by the Routing Server, so it can be run on a normal PC without affecting performance of that PC; it is not necessary to set up a special dedicated server (though you can do so if you choose). Once the Routing Server and BitWise clients have been configured, all of the connections are handled and routed automatically. Specific instructions for setting up the Routing Server and the BitWise clients on an Intranet are available from the Support section of the BitWise web site at http://www.bitwiseim.com/docs/RoutingServer.php BitWise Routing Server for Complete Isolation BitWise Professional provides, among other additional services, complete isolation between users in your Network from all other BitWise users. However, some special setup is required to ensure that users in your Network cannot also simultaneously connect to BitWise Personal (which is open to all users). With a site firewall and one setting change to the Routing Server, logins to BitWise Personal can be blocked. The BitWise server listens on port 4038 for commands from clients, including the login command. Using a firewall to block port 4038 would effectively block anyone on your network from logging in to BitWise. However, the Routing Server can be used as a proxy to the BitWise server for Professional users only. By allowing only the computer inside your network that is running the Routing Server to have access to port 4038, you can deny access to users trying to log in to BitWise Personal. In the Preferences of the BitWise Routing Server, there is a checkbox Use Routing Server as relay for server connections. If this is enabled, the Routing Server will listen on port 4038 (the BitWise server port), and will act as a middleman to the BitWise server. However, only requests from a Professional Network (a Network ID greater than 0) will be relayed; connections from Network 0 (BitWise Personal) will not be relayed. Therefore, if the Routing Server is the only avenue to the BitWise server (i.e. it is the only computer on the network able to pass through port 4038), then no one on the network will be able to log in to the BitWise Personal. The BitWise client needs only one setting changed in order to log in through the BitWise Routing Server acting as a proxy. In BitWise's Setup prior to logging in, you may specify the BitWise Server to be the IP address or Intranet name of the BitWise Routing Server, rather than the default login server. As would be expected, the BitWise Routing Server must be running in order to connect to BitWise. Technical Support If you need assistance setting up the Routing Server or configuring the BitWise clients to use the Routing Server, you may request technical support using web services. We will be happy to guide you through the setup needed for your specific Intranet structure.