Internal storage on network (not NAS) - need to be remote

Discussion in 'Mac Basics and Help' started by DarkHeraldMage, Apr 19, 2008.

  1. DarkHeraldMage macrumors 6502a

    DarkHeraldMage

    Joined:
    Oct 5, 2007
    Location:
    Fort Worth, TX
    #1
    Okay, allow me to explain:

    I use the mac in my signature, as well the PC. I'm doing IT for someone who is exclusively PC. His home network consists of two Vista PCs and one XP, as well as one remote user on XP. One of the Vista machines has the hard drive partitioned as two drives. What we're wanting to do is make the second one internal storage for the whole home network. That part I believe I can hammer through myself.

    The problem is, the one user who is remote needs to be able to access that same internal storage from her home. How do I make that drive shared not just internally, but externally?

    And to justify being posted in the mac area, the preference is that I'll be able to also remote into it from my MBP as needed to access the same files as the remote user. Any help would be massively appreciated.

    *hopeful look*
     
  2. Dimwhit macrumors 68000

    Dimwhit

    Joined:
    Apr 10, 2007
    #2
    Sorry, no answer from me. But I need to do the same thing. Got an internal shared drive that I need accessible from remote locations. I posted this question a week ago, but no one had a suggestion.
     
  3. 4JNA macrumors 68000

    4JNA

    Joined:
    Feb 8, 2006
    Location:
    looking for trash files
    #3
    second partition on vista box -- which version of vista?

    remote user, any security required? that is, is it ok if she can see everything on the network, or would she need to be locked down to only the shared partition?

    what kind of internet connection at the local and the remote site?

    trying to do this for free, or willing to buy equipment?

    needs me some more details...
     
  4. operator207 macrumors 6502

    Joined:
    Jul 24, 2007
    #4
    Does the location have a static IP? I would imagine that since they already have a remote user, that they do, or that issue is taken care of.

    Punch the ports for file and print sharing, set it to be accessed by specific users, not "everyone" and you have simple authentication for F&P sharing.

    However, your now are passing all that data in the clear. Which is what 4JNA is probably getting at. VPN is your best option. Possibly pricy, unless you really look around. (cheap DD-WRT compatible router on both ends is one option that is cheap)
     
  5. DarkHeraldMage thread starter macrumors 6502a

    DarkHeraldMage

    Joined:
    Oct 5, 2007
    Location:
    Fort Worth, TX
    #5
    No real security required. Remote user is the same user of the computer that holds the secondary drive which will be acting as network storage, so if she needs to login for security purposes she'll be using the same username and password as her PC login. No need to lock her out of anything.

    DSL internet connection at both sites (considerably fast).

    Trying not to purchase any more equipment. Not worried about VPN in this instance, just wanting remote access on rare occasions, but during those rare instances it's a must.

    I believe they have a static IP, but I'm not sure. Their previous IT guy had them set up on a faulty server, so they took it down and now I'm here trying to fix his mistakes. Problem is, I don't have a real solution for what they're looking for. Just doing a friend a favor and I'm incredibly lost, and they're even more clueless. lol All help is appreciated, both past and upcoming. Thank you.
     
  6. operator207 macrumors 6502

    Joined:
    Jul 24, 2007
    #6
    I was not worried about a legit user having to login, I was worried about data that they want private to stay private.

    Setting up a VPN will do a lot more than you may realize. With the VPN, you will put them all on the same internal network. Securely. Which means you can use file and print sharing. Which means you do not have to worry about security on the VPN.

    Main office, Router that runs VPN.
    Remote location/locations use a software VPN client. They router the private VPN over the VPN connection, the rest of the "internet" goes out their normal DSL connection.

    OR

    You could do what I said earlier (though do not recommend), and punch holes in your router, and share to the world. And if they do ANYTHING with personal data, or billing information, make sure that have your full name for the law suit.
    You were talking about fixing the prev. IT guys mistakes. Do it, don't make more mistakes trying to just get it done.

    Sorry if I sound rude, I do stuff like this all day long. Fix others mistakes, and secure networks. I understand trying to keep things cheap, just go look at VPNs, they will do what you want to do, and keep everything secure.
     
  7. DarkHeraldMage thread starter macrumors 6502a

    DarkHeraldMage

    Joined:
    Oct 5, 2007
    Location:
    Fort Worth, TX
    #7
    That's a frightening thought. VPN isn't an option at this point as the user isn't willing to spend any more money. The secure data isn't a huge problem...per se. It's all up to him ultimately. I've tried advising against remote connections at all, but he's insistent. My only other recommendation is the dumbed down features of GoToMyPC.com and have the remote user login that way if she wants to. Thoughts?
     
  8. 4JNA macrumors 68000

    4JNA

    Joined:
    Feb 8, 2006
    Location:
    looking for trash files
    #8
    ok. full stop. take a second and think about that last bit... 'previous IT guy', 'faulty server', 'even more clueless', 'doing a friend a favor'. lot's of scary things in that list. i realize that you are just trying to help, but it comes down to this; do it right or you're in for a world of hurt and trouble. as soon as it connects one time, you are going to be the new 'computer IT guy' and everytime from that point forward, it will be your responsibility/problem when it doesn't connect, and you pointed out that when it's required, 'it's a must'. not a fun call to get just so you know... if you're not interested in that title, then recommend they seek a professional solution although it will cost more. worth it for them and you at that point.

    based on the problem, your involvement, and the required 'it's a must' for little/no money, i gotta go with the 'setup a simple VPN' idea as above. not free, but once you set it up, it should be a solid customer proof fix. i've setup several like this for customers and would recommend the same. the best luck i've had in this price range has been from netgear. the FVS318 router/firewall would go at the 'shared vista' location (dsl modem > fvs318 > vista box on LAN) and then use the ProSafe VPN client software package installs on the remote XP machine. all done for $150-$200 bucks, fairly easy to setup if you know networking (follow the setup wizard...) and i've had a similar setup working for a 'clueless client' for a few years with only a couple 'help me' calls.

    if that cost is still to much, and you are determined to help, i would goto Hamachi from LogMeIn as a plan B. cost is $40 per year for 1 'Pro' license, but they also have a free version that you might want to experiment with. works really well for small, low traffic problems like the one you described.

    be careful how you proceed, and best of luck either way!
     
  9. ChrisA macrumors G4

    Joined:
    Jan 5, 2006
    Location:
    Redondo Beach, California
    #9
    If the remote user only needs to get a file now and then the simplest way is to run an FTP server. It is very easy to set up and can be very secure.
     
  10. DarkHeraldMage thread starter macrumors 6502a

    DarkHeraldMage

    Joined:
    Oct 5, 2007
    Location:
    Fort Worth, TX
    #10
    And how would this be accomplished? I've never done something like this before.
     
  11. operator207 macrumors 6502

    Joined:
    Jul 24, 2007
    #11
    I agree with 4JNA, if its going to be done, it NEEDS to be done right. I also believe 4JNA has the right solution, or is at least going the right direction.

    It sounds like he has been in this situation before. I know I have.
    The client does not want to spend any money, for whatever reason, but wants something that either requires money, or someone to devote time (at no cost) to solving his problem, without spending money.

    Its the old adage, fast, cheap, dependable. Pick 2.

    Whatever you choose for this client, it needs to be secure. The reason you see all these, "company leaked private information" News Headlines, is because of people trying to cheap it out, and not using what is needed.

    The question you posed of how to do what 4JNA is asking, is look at the routers "DMZ" section. You need anything that is going to a port on the router, to be forwarded to that Windows machine that needs to be accessed remotely. Firewall the crap out of it, only open ports on the Windows machine to allow that programs access, and go from there.

    Regardless of what you do, you need to make a proposal along the lines of, "This is the CORRECT way of doing this" involving a good VPN client/server configuration. Then have a "This will work, and is cheap, but could be unstable, and cause problems" proposal. Make sure you offer him the correct way of doing it. So when his cheap insecure method falls flat on its face, and costs him money in time and non-productivity (or lawsuits), you can go to him with ammo to show him that the cost of this one outage outweighs the initial cost of doing it right. See 4JNA's post, if the outage cost more that $200 in downtime, it would make a perfect argument.

    Off chance, what is this going to be used for? If there is any personal information that is being passed between the local and remote stations, you may have a few laws to stand on, that can help your proposal.

    I work in the medical industry, Hipaa would have a field day with my ass if I did not secure that remote connection.


    Another option, though is going to be a bit more advanced, see if their router supports running dd-wrt. Its standard install, supports VPN. Then you can find a software VPN client (some are free) and you have not spent anything but time, and learned a great deal.
    http://www.dd-wrt.com/wiki/index.php/VPN

    I have not done this yet, though I do run a DD-WRT flashed linksys wrt54g router. I have no need for VPN for my entire network, but you do, and this would allow the remote user to see the local network as if they were sitting right there.
     
  12. DarkHeraldMage thread starter macrumors 6502a

    DarkHeraldMage

    Joined:
    Oct 5, 2007
    Location:
    Fort Worth, TX
    #12
    Thanks for all the advice everyone. I really appreciate it. I ended up setting the desktop with LogMeIn.com so everything will remain secure. It was the only free solution I could provide him in the timeframe he needed, and when I showed him how it works he was pleased.

    It's just one of those catch 22's. People who know nothing about IT expect the world of it, thinking anything is possible and shouldn't be hard or expensive. Then they come to us and assume we can do it and question us when we can't. *sigh* Just glad that's done with.
     

Share This Page