t_mac — 2012-10-08T22:20:39-04:00 — #1
OK. I have a client who uses a Lotus Approach database in their office. The database files are kept on one workstation and everyone opens the files from that machine. Approach allows up to 16 users at any time apparently.
Now one of the users wants to do work from home. They have asked me to figure out how to allow the user at home to connect to the database file.
I think that the solution is going to involve some sort of Remote Desktop setup. But I have no idea how to set up a connection between a workstation and a remote home. Is LogMeIn a good solution? Is there a better way.
Any advice welcomed with open arms. This is a little outside my area of expertise.
dklynn — 2012-10-10T00:46:38-04:00 — #2
OMG! You may have been asked to do the impossible because the database access should be setup to only allow access via the client's LAN. Access from home would violate that permission. The next problem I would expect would be the firewall which should exclude outside access to the workstation with the database.
Finally, I'd recommend to the client NOT to open their database to the obvious security implications of allowing outside access. If the database is critical to the "mission success," they'd be foolish to have you punch holes in their security for someone to work from home.
serverstorm — 2012-10-15T10:49:00-04:00 — #3
like you mention a Terminal Service is one method for doing this. Security is a big gottcha on this type of setup as you can't just open port 3389 and away you go - that will get hacked in 3.2 seconds. You instead need to implement open-vpn. This is most commonly done via the firewall although there are a number of different ways that it can be setup and you will have to chose the method that works for your network. So it could work like this:
- You enable terminal services for the desktop of the user that wants to remote. Keep in mind that desktop OS only come with one terminal service capability so a user could not work on the desktop while the remote user was connected.
- Run an open-vpn server that is connected to your firewall.
- Generate certificates for the open-vpn connection and configure a open-vpn account for the remote user.
- The certificates and keys would need to be configured on the users remote computer.
- Once a successful vpn connection can be established, the user will open the vpn connection and then run their terminal service client to connect to their office machine. As they are controlling their local machine they will be able to connect to the Lotus Approach database.
- Print through terminal services can also be enabled so that they can print reports on their remote machine from their office machine. File access can also be done via explorer by connecting to the remote shares. Just keep in mind that the VPN will always need to be successfully established for file sharing and printing to work.