When implementing your Property Management System (PMS) on an IIS server, there are two primary methods for managing access to different modules: Domain Mapping and Port Mapping. Both approaches offer distinct advantages depending on your security preferences, server architecture, and network configurations. Below is a breakdown of each method and how it affects your application and database server setup.
| # | Module | URL Mapping | Port Mapping |
| 1 | Front Office | front.pms.{yourdomain.com} | 8084 |
| 2 | front-api.pms.{yourdomain.com} | 8085 | |
| 3 | Front Office External APIs | fo-ext-api.pms.{yourdomain.com} | 8098 |
| 4 | Front Office HouseKeeping APIs | fo-hk-api.pms.{yourdomain.com} | 8099 |
| 5 | POS Backend | pos.pms.{yourdomain.com} | 8090 |
| 6 | pos-api.pms.{yourdomain.com} | 8091 | |
| 7 | Accounting | finance-api.pms.{yourdomain.com} | 8092 |
| 8 | finance.pms.{yourdomain.com} | 8093 | |
| 9 | Inventory | inventory.pms.{yourdomain.com} | 8094 |
| 10 | inventory-api.pms.{yourdomain.com} | 8095 | |
| 11 | inventory-reports.pms.{yourdomain.com} | 8096 | |
| 12 | Channel Manager | cm.pms.{yourdomain.com} | 8087 |
| 13 | Central Module | login.pms.{yourdomain.com} | 8081 |
| 14 | admin.pms.{yourdomain.com} | 8082 | |
| 15 | central-api.pms.{yourdomain.com} | 8083 | |
| 16 | Management Dashboard | dashboard.pms.{yourdomain.com} | 8086 |
| 17 | CRM | crm.pms.{yourdomain.com} | 8088 |
| 18 | vButler | vbutler.{yourdomain.com} | 8089 |
| 19 | Banquet | banquet.pms.{yourdomain.com} | 8097 |
| 20 | test | test.pms.{yourdomain.com} | 6060 |
1. Domain Mapping
Domain Mapping is the preferred method for accessing PMS modules, particularly when using an SSL certificate to secure communications. In this setup, each PMS module is assigned a unique subdomain,
Example;
1. front.pms.yourdomain.com for the Front Office
2. pos.pms.yourdomain.com for the POS Backend.
Advantages of Domain Mapping:
- Enhanced Security with SSL: When SSL is enabled, domain mapping allows secure communication between the client and server. This is essential for protecting sensitive information, such as payment data and guest details.
- Simplified Port Management: Only port 443 (for HTTPS) needs to be opened on the application server, which reduces the attack surface and simplifies network configuration.
- Easy-to-Remember URLs: Using subdomains for each module makes URLs more intuitive for users and administrators, helping them quickly navigate between modules.
In summary, Domain Mapping with SSL ensures secure, streamlined access with minimal port configuration, making it the best choice for production environments.
2. Port Mapping
In Port Mapping, each PMS module is assigned a specific port on the IIS server instead of a subdomain.
For example,
1. Front Office module could be accessible at {your application ip address}:8084
2. POS Backend at {your application ip address}:8090
This method provides flexibility but comes with some trade-offs.
Advantages of Port Mapping:
- Less Dependent on Domain Configuration: If managing subdomains is not feasible or desired, port mapping allows the use of a single domain with different ports for each module.
- Useful for Non-SSL Environments: When SSL certificates aren’t being used, port mapping can still offer a way to segment modules across different ports.
Challenges with Port Mapping:
- Increased Port Management: For each module, you’ll need to open a different port in the firewall (e.g., 8084, 8090, etc.), which increases complexity and creates more potential vulnerabilities.
- Not as User-Friendly: Accessing modules by port is less intuitive for end users compared to subdomain-based access.
While Port Mapping offers flexibility, it is often less secure and requires more configuration, making it more suitable for internal environments or specific deployment needs.
3. Open Ports in Database and Application Servers
For both domain and port mapping setups, you will need to ensure certain ports are open for proper communication between the application server and the database server.
- Application Server (IIS):
- Port 443 for SSL or Port 80 for non-SSL communication when using domain mapping.
- For port mapping, you’ll need to open specific ports such as 8084 for the Front Office module or 8090 for the POS Backend module, depending on your configuration.
- Database Server (SQL Server):
- During initial setup, SQL Server typically requires Port 1433 or 1434, depending on your SQL Server version and configuration. These ports are necessary for database connectivity between the application server and the database.
- Once the initial integration is complete, you can close these ports to the public for added security but keep them open for the application server to maintain communication.
Proper port management is crucial for maintaining security and ensuring your PMS modules and database communicate effectively.
4. Mapping a Domain to an IP Address
Mapping a domain to an IP address is an essential step in the domain configuration process, especially when setting up your PMS with domain mapping on IIS. Here’s how you can do it:
Step-by-Step Guide:
- Login to Your Domain Manager: Access the DNS management panel of your domain provider (e.g., GoDaddy, Namecheap, or Google Domains).
- Locate DNS Settings: Once logged in, navigate to the DNS (Domain Name System) settings or DNS management section.
- Create an A Record:
- Find the section where you can create a new DNS record.
- Choose A Record as the type of record.
- In the Host field, enter the subdomain you want to map (e.g., front for front.pms.yourdomain.com).
- In the Points to or Value field, enter the IP address of your IIS server where the PMS modules are hosted.
- Save the A Record.
- Repeat for Other Subdomains: If you have other subdomains like pos.pms.yourdomain.com, follow the same steps for each subdomain, pointing them to the correct server IP address.
Example:
- Host: front
- Points to: 123.45.67.89 (your IIS server IP)
- Result: front.pms.yourdomain.com will point to 123.45.67.89.
Verifying DNS Propagation:
Once you’ve added the DNS records, it can take some time for changes to propagate across the internet (usually up to 24 hours). To check whether the DNS propagation has completed:
- Use Online Tools:
- You can use tools like whatsmydns.net or dnschecker.org to check if your domain has propagated globally.
Enter the domain (e.g., front.pms.yourdomain.com) and select A Record. This will show you the IP address resolved by various DNS servers worldwide.
- You can use tools like whatsmydns.net or dnschecker.org to check if your domain has propagated globally.
- Command Line Check:
- On your local machine, you can also use the nslookup or ping command:
- Open Command Prompt (Windows) or Terminal (Mac/Linux).
- Run: nslookup front.pms.yourdomain.com
- This will return the IP address your subdomain is mapped to, confirming if the mapping is correct.
- On your local machine, you can also use the nslookup or ping command:
If everything is set up correctly, the DNS should return the IIS server’s IP address, confirming that the domain mapping has been properly propagated.
5. Conclusion
Both Domain Mapping and Port Mapping have their own set of advantages and challenges when setting up a PMS on an IIS server.
- Domain Mapping with SSL is the recommended approach for production environments, providing enhanced security and ease of use. With only Port 443 needing to be open on the application server, it simplifies firewall management and reduces potential vulnerabilities.
- Port Mapping offers flexibility and can be useful in non-SSL environments, but it requires more extensive port management and increases the potential security risks.
In both cases, ensuring that SQL Server ports (1433 or 1434) are open during the initial integration phase is essential for communication between the application and database servers. After the setup, these database ports can be closed to the public for better security.
By carefully selecting the appropriate method for your environment and ensuring proper port management, you can optimize your PMS implementation for both security and performance.