• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Liutauras Vilda
  • Bear Bibeault
  • Junilu Lacar
  • Martin Vashko
Sheriffs:
  • Jeanne Boyarsky
  • Tim Cooke
  • Knute Snortum
Saloon Keepers:
  • Ron McLeod
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
Bartenders:
  • Scott Selikoff
  • salvin francis
  • Piet Souris

Connection through another PC

 
Rancher
Posts: 506
6
IntelliJ IDE Spring Fedora
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all,

I have a question about making a connection through another pc.

I was wondering if its possible to somehow connect to a database that is on an internal network through a gateway pc.
In my case,  I have one pc on an internal network that I can remotely access and from that pc connect to database on that internal network.  
What I am trying to do is make a database connection  to the db on the internal network that I dont have direct access to.

Is that possible or do I just have to make it so I have direct remote access to the database?

Thank you
 
Saloon Keeper
Posts: 5917
152
Android Mac OS X Firefox Browser VI Editor Tomcat Server Safari
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You would need a proxy server of some kind that runs on the gateway PC. In the simplest form it would accept authenticated HTTPS connections from the outside, translate them to JDBC connections to the DB, collect the results, and then send them back to the client, possibly as JSON.

Or were you asking about JDBC connections from the outside? I'm not aware of a JDBC proxy, but commercial options for such may well exist.

If the gateway runs a VPN server and you can connect through that, no proxy would be required.
 
Al Hobbs
Rancher
Posts: 506
6
IntelliJ IDE Spring Fedora
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks for the reply.
I was looking to do a database connection like jdbc (im using c#).  This situation is only for developing the app. Theres a test database that the client has that I could use and I wanted to just use that instead of setting up the test database locally.  
If you can't think of a way do the jdbc connection through a proxy or another simple method then I'll just set up the test db locally.
 
Saloon Keeper
Posts: 21312
140
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Usually, when I do something like this, I make my own local test copy of the database if I can. I don't like testing with live data and as far as it goes, I'd much rather test with simulated data than actual production names, addresses and credit card numbers. IT security is bad enough as it is.

A VPN is a good option when the client can handle it. The main downsides being that the VPN can override your normal network connections (if the client, for example, has locked out internet access to coderanch.com ). And of course, if you were acting in bad faith, you've basically moved into their office building.

Granting direct Internet access to a database, whether directly or via a gateway/proxy should be a last resort, That is, after all, how one of history's most infamous Internet exploits happened: SQL slammer.
 
Al Hobbs
Rancher
Posts: 506
6
IntelliJ IDE Spring Fedora
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Actually I didn't mention that I have to use a vpn to connect to the gateway pc. The database is a test database so it's kind of live because maybe there's old data, but there's also a lot data created during development of different apps. Also the test database is completely separate from any production databases.  Like on another computer with controlled access.

I will just make a copy of the test db locally and use what I need.
 
Tim Holloway
Saloon Keeper
Posts: 21312
140
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If you are on a VPN and the test database is on the same VPN, then you wouldn't need a gateway PC because the VPN would function just like a physical LAN.

On the other hand, if you are on one VPN and the database server is on another network (real or virtual), you would need a gateway, but a full PC is overkill. All you need is a virtual switch to connect them.

Anyway, I think you're better off with your own local test data. If for no other reason than that access will be much faster that way.

I once ran a project to a mainframe serving DB2 in Barbados and response was intolerable.
 
Al Hobbs
Rancher
Posts: 506
6
IntelliJ IDE Spring Fedora
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Even though they are on the same network the security even within the internal network is tight.  People have to be given explicit access either by the username or ip to be able to connect to any pc.
 
Tim Holloway
Saloon Keeper
Posts: 21312
140
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Al Hobbs wrote:Even though they are on the same network the security even within the internal network is tight.  People have to be given explicit access either by the username or ip to be able to connect to any pc.



For a database machine, that would normally be done at the coarse level by the firewall software on the server machine, by source IP address. For finer security, most DBMS's control access by userid and/or IP as part of their own security subsystem. You could, I suppose block traffic at the network switch level, but that's pretty paranoid even by my standards. And likely to be a major headache to administer.

For the most part, it's best when each machine controls internal network access so that the normal switching can't be done by simply bypasing the switch, "Mission, Impossible!" style. The switches and routers are more suited to blocking exernal traffic, and to keep secure LAN segments (such as production) isolated from unauthorized users (such as developers, accountants, etc.).
 
Would you like to try a free sample? Today we are featuring tiny ads:
Java file APIs (DOC, XLS, PDF, and many more)
https://products.aspose.com/total/java
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!