We have a product we are deploying to some small businesses. It is basically a RESTful API over SSL using Tomcat. This is installed on the server in the small business and is accessed via an iPhone or other device portable device. So, the devices connecting to the server could come from any number of IP addresses.
The problem comes with the installation. When we install this service, it seems to always become a problem when doing port forwarding so the outside world can gain access to tomcat. It seems most time the owner doesn't know router password, etc, etc.
I am trying to research other ways we can accomplish this. I've come up with the following and would like to hear other thoughts on the topic.
Is there no way this service can by hosted publicly by you or a hosting provider rather than with the customer?
I had a similar situation when i was developing kiosks. I never knew what type of network environment i'd have to deal with on the next installation.
I ended up creating a PPTP VPN to allow all the kiosks to connect to one server i hosted publicly. We then created a controller web service to expose access to the kiosks that were all connected via the VPN. I'm not sure how familiar you are with VPN's but with the VPN connection i was able to completely circumvent the firewall in front of each kiosk by accessing the kiosk via the VPN assigned IP.
Each kiosk node was incredibly easy to setup once i had a VPN server setup. It also brought management benefits and licensing revenue i originally didn't think about. with this infrastructure i was easily able to roll out services accessible via mobile phones.
Best of luck!