Assuming users' mobility, Browser Security Plus Server should be reachable via public IP address. So that devices in LAN and the internet can be managed all the time. This can be achieved by exposing Browser Security Plus Server to the Internet.
Browser Security Plus Server should be reachable via public IP address, you can configure the NAT settings in such a way that all the requests that are sent to the Public IP address gets redirected to the Browser Security Plus Server.
If you use the same DNS name for both public and private IP, then all internal requests within the LAN will be directed through the internal DNS to reach the private IP without getting routed through the public IP.
Devices from the internet uses the DNS name to reach the public IP address from where it gets directed to the private IP address.
It is recommended to use FQDN instead of IP address. You can also use self-signed or third party certificates to ensure data security. Since using certificates will encrypt the communication which is the sent to and from the server, this assures that the corporate data is secure in the internet. When you use any third party certificates it recognizes the server using the FQDN. To know more about using third party certificates, refer to this.
Configure NAT settings to locate the Browser Security Plus Server
To configure NAT Settings, follow the steps below: