Accessing Zoom services in different network

From version 5.4 and onwards, Zoom has added support to access Zoom services over a different LAN or WAN. With this feature, it has become easier to access the Zoom server at another location OR in a completely different LAN with different DNS. People who are in a different network altogether or when multiple DNS names have different IP routing would be able to access Zoom server/Preview server without any issues.

 
In this article, it is assumed that Zoom and Preview server has been already set up and connected through a private network.

 

To access Web Asset Browser (WebVAB) and Visual Approval (VA)

  1. Zoom web asset browser and visual review work on any browser with adobe flash support. For e.g on desktop/workstation/laptops etc.
  2. Access to Zoom Preview Server is required to run the Zoom Web Asset Browser and Visual Review.
  3. Usually ports 8873, 9873(SSL), and, 8443 are required to connect to WebVab and VA (note: ports can differ in different deployments). Please make sure that from other LAN/WAN these ports are open and accessible to send and receive data.
  4. For e.g., if preview server is running with IP: 192.168.1.10 and you want to access it from IP:192.168.30.65, then make sure that IP:192.168.1.10 is accessible from machine 192.168.30.65 and the server’s ports 8873, 8443 are open. If some proxy is used to communicate between 192.168.30.X to 192.168.1.X then please configure the proxy to forward these ports from proxy to preview server.
  5. There are no restrictions on using any DNS name for accessing WebVab and VA through a browser.

 

It is possible to disable the automatic proxy start on preview server by adding: <enableWebminProxy>false</enableWebminProxy> inside the root tag of  preview-server.xml. By default, preview server will start the proxy for Zoom Web Management Console port (i.e. 8443) on the Preview Server. If this port is not available then the next port will be chosen i.e. 8444. So, clients accessing the WebVab must be able to access 8873 and 8443 on the preview server.
To forcefully enable the webmin proxy add: <forceWebminProxy>true</forceWebminProxy> inside the root of preview-server.xml.

 

[Basic]: To access Zoom Server from desktop clients.

We recommend using hostnames to access Zoom Server/Preview Server instead of IP.  For e.g. using a hostname as in http://zoom.mycompany.com:8880 instead of http://192.168.0.9:8880.

See this article for setting up hostnames on Zoom server: NAT Setup for External Access to Zoom Services

 

No special treatment is required as long as Zoom desktop clients are in the same network and able to connect to Zoom Server and Preview Server.

It is recommended to configure Zoom server and preview server to work on specific hostname like:

zoom.mycompany.com  -> for Zoom server (192.168.1.9)
preview.mycompany.com -> for Preview server (192.168.1.10)

 

As long as the desktop clients can resolve the hostname configured on Zoom Server, they will work. Problems arise when someone tries to access Zoom server/preview from a different network with a different DNS server and the Zoom server name zoom.mycompany.com and preview.mycompany.com are not accessible. Perhaps, in the other DNS, they want to use their own company/department name instead of mycompany.com. Let’s assume they want to use xyzcompany.com instead of mycompany.com.

In the above-mentioned scenario, if zoom.xyzcompany.com is pointing to 192.168.1.9 (i.e zoom.mycompany.com) and preview.xyzcompany.com is pointing to 192.168.1.10 (i.e preview.mycompany.com), desktop clients will work by entering http://zoom.xyzcompany.com:8880 instead of http://zoom.mycompany.com:8880. 

Please note that the zoom prefix is the same in both the domains. It has to be the same to work. If the prefix is different then zoom client won’t connect to zoom server or behave improperly. Whatever prefix for zoom server and preview server name is used in the original network that same name has to be provided to other network DNSes.

 

Original Zoom Preview/Server Host DNS 2/Another Network Status
zoom.mycompany.com myzoom.xyzcompany.com Incorrect – zoom and myzoom prefix doesn’t match
preview.mycompany.com mypreview.xyzcompany.com Incorrect – preview and mypreview doesn’t match
zoom.mycompany.com zoom.xyzcompany.com Correct – prefix zoom is the same in both mycompany.com and xyzcompany.com
preview.mycompany.com preview.xyzcompany.com Correct – prefix preview is the same in both mycompany.com and xyzcompany.com

 

The above-mentioned method is basic and doesn’t require any client changes. The section below covers advanced methods for client configuration which will remove the limitation of using the same prefix in all the DNSes.

 

[Advanced]: To access Zoom Server from desktop clients

Many times it is not possible to use the same DNS prefix as in the section above. To overcome this, Zoom has provided an easy solution of mapping another hostname to the Zoom configured hostname.

Assuming that Zoom server and preview server are already configured and running with the following DNS hostnames and IPs:

Zoom Server     -> zoom.mycompany.com    -> 192.168.1.9          E.g: http://zoom.mycompany.com:8880
Preview Server -> preview.mycompany.com -> 192.168.1.10       E.g http://preview.mycompany.com:8873

 

Now let us assume another company/department wants to access Zoom server from an altogether different network of 192.168.30.X and with different DNS name of Zoom server my-server.xyzcompany.com and preview server my-preview.xyzcompany.com

They want to access Zoom servers as:

Zoom Server    ->  my-server.xyzcompany.com   ->  10.11.0.36  <->  192.168.1.9 
Preview Server -> my-preview.xyzcompany.com -> 10.11.0.37   <->  192.168.1.10

 

Connecting to http://zoom.mycompany.com would not work as the DNS server would be unable to resolve it (altogether different DNS topology from xyzcompany.com).

To make this work, follow the steps below:

  1. Go to the client machine where Zoom client is installed and from where you want to connect to Zoom server.
    Zoom client must be installed on the machine to follow this procedure
  2. Open Z -> Settings -> Advance Properties, and add a new property with the name USE_HOSTS_MAPPING and value true. If this property already exists, then ensure that its value is set to true.
  3. Open the command-line console application:
    • Terminal app on a Mac
    • Command Prompt on Windows
    • Console/Terminal/shell prompt on Linux
  4. Run the following commands:
    zm sethosts zoom.mycompany.com my-server.xyzcompany.com ENTER
    zm sethosts preview.mycompany.com my-preview.xyzcompany.com ENTER
  5. Now run the command “zm hosts” to print the hosts mapping.
    zm hosts Enter

    preview.mycompany.com -> my-preview.xyzcompany.com
    zoom.mycompany.com -> my-server.xyzcompany.com

  6. zm sethosts creates the mapping of Zoom server’s and preview server’s original DNS hostnames to new DNS hostnames for this client. And, zm hosts prints all existing mappings.
  7. Once the mapping is added, you can connect to Zoom Server by using the address:
    http://my-server.xyzcomapny.com:8880

 

Command "zm help sethosts":

Syntax: zm sethosts urls

The command supports the following options:

urls   List of host names to correspond to the last listed host name.

Set the hostname that will be used, instead of the supplied hostname, for network communication.

Example:

# Set the Zoom client to use the hostname "server.myorg.com", instead of "zs.datacentre.local"

    zm sethosts zs.datacentre.local server.myorg.com

# Remove the hostname replacement of "zs.datacentre.local"

    zm sethosts zs.datacentre.local ""

 

Leave a Comment