SedonaOffice Client
https://sedonaoffice.perennialsoftware.com/resources/reference-documents/system-requirements/
SedonaOffice uses a ‘Client /Server’ architecture (also called Fat, Thick or Heavy Client). Due to the network requirements of the SedonaOffice client (~20Mb per client, TCP/IP ports 1433/4992, Named Pipes, latency <100ms to the SQL Server), direct operation of the application is NOT supported over ANY type of VPN. This includes web-based services like Amazon AWS and Microsoft Azure. The workstation(s) must be on the same local network as the SQL Server.
Note: SedonaService is required to initiate sessions between the Software and SQL. After the initial client session is started on 4992, the client server connection takes an available port base of 6000 and port range of 250 ports [6001-6250] as listed in in the registry HKLM\SOFTWARE\WOW6432Node\Sedona Development Company\Sedona Office Server
Note: If you are using SQL Aliasing/Instancing [c:\windows\SysWOW64\cliconfg.exe] or Microsoft SQL is set to manage connectivity, those settings are going to override the default 1433 SQL server port connection for the client machines reaching out to the SQL server. In most aliased/instanced/newer configurations, Microsoft/SQL will dynamically assign a port which can be 49000-65535. For those arrangements in virtual environments, our recommendation is to configure the firewall rule to allow the activity from your terminal server(s) private IPs, webserver IPs, and any in-scope network ranges of machines to the SQL Server Service instead of ports to account for the variance.
SedonaOffice > Alarmbiller [eforms, Time & Attendance, Sales Automation, etc]
URL/Site requires a valid and current SSL certificate bound to the site in IIS. You may use a wildcard.
[We recommend having the intermediaries for the SSL cert installed as well]
There needs to be public access to your SedonaWeb API URL that is hosted on your IIS server via port 443 for integrations to test and connect
SedonaSync
SedonaSync is preferably installed on an IIS server separate from the Sedona SQL server. If it is installed on the same IIS server where SedonaWeb is also housed, it will communicate back to the SQL server over the following
All versions: TCP 1433 back to SQL Server - v10 uses SSRS port 80 or 8085 via http back to SQL Server for report creation/auditing
- If the server Sync is installed on is migrated or server name changes this will require a relicense. Plan accordingly
[visible in configuration manager]
Enterprise Legacy SedonaWeb /SedonaWeb 2.0/Sedona X
It is not recommended to run your IIS server on the same server as your Sedona SQL server due to the need to communicate with the public internet. SedonaWeb should be on its own dedicated standalone server. SedonaWeb, SedonaSync, and BoldNet can be installed on the same server as long as it has greater than IIS 7 installed.
Note: SedonaWeb will not run properly under a subfolder of an existing site; please plan on dedicating a site, IP address and host header bindings strictly for SedonaWeb.
OS/System
- Microsoft Server 2019 Edition or better
- 5GB available hard drive space in addition to OS needs
- 2.5 GHz multicore/CPU
- 6GB Ram or greater for additional for multi-product/purpose IIS
- Microsoft .Net Framework 4.8 [3.5,4.5, WCF Services]
- ASP.NET 2.1.3 Core Hosting Bundle https://dotnet.microsoft.com/en-us/download/dotnet/thank-you/runtime-aspnetcore-2.1.30-windows-hosting-bundle-installer
- Redis https://github.com/MicrosoftArchive/redis/releases/download/win-3.2.100/Redis-x64-3.2.100.msi
- Internet Information Server (IIS) for corresponding Server/OS edition https://learn.microsoft.com/en-us/lifecycle/products/internet-information-services-iis
Networking & Configuration
- Your SedonaWeb/X/API url/site requires a valid & current SSL certificate bound to the site in IIS that matches your DNS entry.
[We recommend having the intermediaries for the SSL cert installed as well especially if using a wildcard certificate]
- Static public IP tied to DNS entry with corresponding Host File entry for SW2.0/API site
You MUST have your public IP address routed to the IIS Server and DNS Entries in place prior to installation
- TCP Port 443 HTTPS out to public [nonstandard HTTPS ports may require additional configuration needs]
[Public traffic via HTTPS is required to have customers/field techs reach the portal or use API calls externally]
VPN configuration is not supported
- TCP Port 1433 between Web Server and the primary SQL Server for database access
- TCP Ports 8080 & 10943/10944 For Octopus Tentacle API pushes and communication with our Deployment server 12.174.58.69
- SMTP Traffic 25/465/587 based on your current SMTP email server settings and or relay provider needs
Note: You may have other 3rd party integrations with web services such as WeSuite or OPT. You will want to confirm with their respective support teams on any specialized web configurations when making firewall/network changes or planning a migration.
WeSuite - wesupport@wesuite.com
OPT - support@optbusinessservices.com
*If SedonaSync is on the web server and it is migrated or server name changes this will require a relicense of Sync, plan accordingly
Enterprise Legacy FSU/Hosted Legacy SedonaWeb
OpenVPN should be running on your Enterprise SQL server. The following traffic needs to be allowed through your Firewall/Network Security:
- Traffic via OpenVPN firewall rule 10.242.242.0/24 UDP Port 9194 or 10.42.42.0/24 UDP Port 9194 [specified in client config]
- This address would have a subnet mask of 255.255.255.0 and does not require a gateway address or DNS assignment
Inbound traffic allowed from our backend server Ips – Should allow all traffic including TCP 1433
- 12.174.58.69 = FSU Web /OpenVPN Server
- 12.174.58.64/29 or 12.174.58.64/255.255.255.248 = Originating IPs for our backend SQL server Legacy FSU & SedonaWeb
- This address would have a subnet mask of 255.255.255.248 and does not require a gateway address or DNS assignment
*Note if OpenVPN is not installed on your server you must review for a custom setup
• If Sync is installed with SedonaWeb and is migrated or server name changes this will require a relicense. Plan Accordingly
Troubleshooting Legacy FSU
Cannot Login
This typically means that the connection between your SQL server and our FSU backend is interrupted. This can be caused by:
- OpenVPN Tap adapter is disabled or blocked on the SQL server
- Traffic via UDP Port 1194 or Port 9194, 10.242.242.0/24 or 10.42.42.0/24 [specified in OVPN Client config]
- OpenVPN service needs to be restarted
- If restarting the OpenVPN service does not restore FSU, stop the service and completely exit the GUI
- Confirm OpenVPN Tap adapter is not disabled or blocked
- Run the open VPN GUI as an administrator and connect
- If issues persist submit a case via contacting sedonaoffice_support@boldgroup.com or 719-593-2829
Can Login but Schedules will not Load
- 12.174.58.66/12.174.58.69 is being blocked
- Ensure your Hardware/Software firewall is not blocking traffic from these IPs as there are our backend SQL server attempting to communicate with your SQL server
- If issues persist submit a case via contacting sedonaoffice_support@boldgroup.com or 719-593-2829
If you are still unable to get schedules to Load you may also require Firewall rules to allow traffic to SQL on ports 1433 to the corresponding service IPs
- 12.174.58.69 = FSU Web OVPN Servers - 12.174.58.64/29 or 12.174.58.64/255.255.255.248 Originating IP range for our backed SQL server