VPN + File Sharing

Discussion in 'Mac OS X Server, Xserve, and Networking' started by allejo, Jun 16, 2011.

  1. macrumors newbie

    Joined:
    Jun 23, 2010
    Location:
    Los Angeles, California
    #1
    Would it be possible to set up a VPN and turn on the built-in "File Sharing" option to essentially have FTP access to my computer over the internet? I know this can work with port forwarding, but I do not wish to open a port on my router. If this is possible, how would this be done? I'm on Mac OS X 10.6.7. Thank you for your help.
     
  2. macrumors 6502

    Joined:
    Apr 28, 2011
    Location:
    Berkeley, CA
    #2
    You can transfer files pretty easily using Teamviewer
     
  3. thread starter macrumors newbie

    Joined:
    Jun 23, 2010
    Location:
    Los Angeles, California
    #3
    Will TeamView act like FTP? I do not need remote access to computers, I simply just need FTP.
     
  4. macrumors 6502

    Joined:
    Aug 10, 2008
    #4
    Consider SCP instead

    You will need to open up ports on your Router to enable VPN. You are better off simply opening up a SSH port and using scp to copy files.

    SCP is command-line but it is secure.
     
  5. macrumors 65816

    Joined:
    Mar 23, 2009
    #5
    A VPN will create an encrypted tunnel from the router to your device. Normally (though this can be changed) ALL traffic will go through the VPN tunnel. For example, when you access the Internet, you'll be going over the tunnel and then egressing to the Internet through your home router. (This can be changed with routing.)

    You would have full access to your local network, so no need really to use FTP or anything like that. Just browse using Finder.

    So you will have secure access to any servers running on your home network, even those using insecure protocols (i.e. telnet, FTP). But, really, it's safer simply not the run insecure servers. I would never run a telnet or FTP server, period.

    ssh can be used in a similar way, though it's a bit more of a hassle to set-up, since you will need to set-up a separate tunnel for each server/service you want to access on your home network. ssh will give you interactive login and (usually, depends on your server) sftp service to the machine you connect to. But you can also set-up tunnels for arbitrary ports/services.

    Take your choice.
     
  6. thread starter macrumors newbie

    Joined:
    Jun 23, 2010
    Location:
    Los Angeles, California
    #6
    So whatever method I choose, I would still have to open up a port on my router? Is there an alternative way to what I want to do without opening a port? I basically want remote access to certain folders and files on my computer.
     
  7. macrumors regular

    CorporateFelon

    Joined:
    Oct 26, 2007
    Location:
    Boston, MA
    #7

    The only reason I can foresee some one asking if they can get around opening ports is if they don't have access to the router themselves.
     
  8. macrumors 65816

    Joined:
    Mar 23, 2009
    #8
    Unless you are accessing your network from a fixed remote location, yes, you will need to open up a port on your router.

    If you are accessing from a fixed remote location, then, alternately, you could open up a port on IT'S router.

    VPN protocols are pretty secure. I wouldn't be too concerned. The idea with a VPN is to "put all your eggs in one basket, and then watch the basket".

    There are some things you can do to make it more secure, though.

    - You can use a non-standard port. (Note, however, that one kind of VPN - IPSec - doesn't actually USE a port. It uses an entirely different protocol. That is, it doesn't use TCP.)

    For example, if you were using SSH, you don't HAVE to use port 22. Pick any unused port you'd like. Makes the service much harder to find.

    - Use "port rapping", if this is supported by your router. This uses a "secret knock" to open up the port. The remote has to attempt to connect to a sequence of ports using a specific timing sequence. If the right knock is given, the port is opened up for a fixed period of time.

    - Most VPNs will only allow a limited number of attempts to connect before they shut the client out. This should prevent any brute-force attack.
     
  9. macrumors regular

    Joined:
    Feb 2, 2009
    #9
    I was about to start a new thread, but will AFP work over VPN? I would like to set up a Mac Pro at home, VPN to it, and mount all my disks remotely (and securely). If I set up VPN on my Macs/iPhone, will I be able to AFP to my Mac Pro's IP (via the router's IP and port forwarding)?

    Thanks!
     
  10. macrumors 65816

    Joined:
    Mar 23, 2009
    #10
    Yes, AFP - or any other TCP/IP protocol - will work over a VPN.

    No port forwarding needed.

    (Other than potentially for the VPN itself. Depends on where the VPN endpoint is. Best is to run the VPN on your router itself, assuming your router has VPN support. In that case, there's no port forwarding. If you run VPN software on your Mac Pro, then you would need to forward the VPN port to the Mac Pro.)

    This really was what the OP was asking, except he muddied things up a bit by referring to using AFP as "essentially FTP" (which it isn't).
     
  11. macrumors regular

    Joined:
    Feb 2, 2009
    #11
    Thanks for this, and sorry to go offtopic! :eek:
     
  12. macrumors 6502

    mainstay

    Joined:
    Feb 14, 2011
    Location:
    BC
    #12
    Www.logmein.com

    No ports. Free. Access from anywhere.
     
  13. macrumors newbie

    Joined:
    Jul 20, 2011
    #13
    I'm planning on setting this up when my new Mac Mini Server gets here...

    What do you use to access it from an iPhone/iPad?
     
  14. macrumors 6502

    mainstay

    Joined:
    Feb 14, 2011
    Location:
    BC
    #14
    well, you can use the LogMeIn App (not free but might be worth it to you).

    I plan on setting up VPN and then using BananaGlue's Control! App.

     
  15. macrumors newbie

    Joined:
    May 27, 2011
    #15

Share This Page