3

My requirement is I should be able to connect to different databases which are not in my network. I should be able to establish connection by passing Firewall,Nat.We have tried Ngrok which is a tool that can in be installed in machine out of my network.Using ngrok we can expose either a tcp or http port to Public access by passing their firewall and Nat rules.

Using ngrok i am able to establish connection to sql server in some third party network by creating TCP tunnel on SQL server default port 1433.for this i need to install Ngrok in that server.

I tried connecting those file based databases(Ex: Visual Fox Pro) using ngrok by exposing TCP 21(FTP protocol) but not successful.

How i can connect to Document databases which are files based using or any other tool?I am not able to find way to connect them by exposing some http or tcp port for tunneling?

Mahesh
  • 823
  • 1
  • 11
  • 29
  • 1
    Fox Pro is a document DB? –  Jan 09 '18 at 07:46
  • Yes.It is from Microsoft. – Mahesh Jan 09 '18 at 10:41
  • 2
    No it is not a document database, but true it is from Microsoft (unfortunately, yet another product that MS bought and tried to kill). It is an relational SQL database. – Cetin Basoz Jan 09 '18 at 12:05
  • But we are using below connection string with out Ngrok : "Provider = VFPOLEDB.1; Data Source =\\\\ipaddress\\v20k\\Databasetablesfolder; Collating Sequence = MACHINE". And it is pointing to dbf files folder. Does realtional databases also have file path sepecified in connection string? – Mahesh Jan 09 '18 at 12:49
  • FoxPro is a **relational** database, based on SQL, nothing like a document DB about it. – Alejandro Feb 09 '18 at 12:29

3 Answers3

0

There is no way, you can bypass "their" firewall rules if you don't:

  1. Control of the server running the firewall;
  2. Have found a bug in the firewall;

If you can control the server, then you just need to expose any port that is not-denied (like port 80, if the port is occupied try another) and pass traffic to the database port (like 1433). This is not what ngrok is doing btw. For that you could use:

Note, traditionally tunneling is used to bypass "local firewalls". So for example you have a company policy not allowing certain websites (I had companies not allowing SO itself!) but that have linux servers that are exempt from this policy. An SSH proxy is helpful in this scenario.

Mindaugas Bernatavičius
  • 3,757
  • 4
  • 31
  • 58
  • I am able to connect to sql server by exposing 1433 port on machine of third party network. I want to connect file system databases in same way. We can install some tool like ngrok to expose some particular port for communication(It means we can access that machine and install any tool to expose some port).We have access to those machines but they will be in different VPN. – Mahesh Jan 09 '18 at 09:22
  • Then use netcat. Appended the answer. – Mindaugas Bernatavičius Jan 09 '18 at 09:29
  • When we install ngrok on a machine in third part network we can expose some port using tcp or http tunneling.When we execute commands for exposing some tcp port it will generate corresponding public url for us.This ngrok public url we can keep in server name of connection string.This works for SQL server perfectly.But how i can connect to Visual fox pro DB which uses some folder name in connection string (where db files are stored)and we need to expose that folder to public to connect to that database. – Mahesh Jan 09 '18 at 09:43
  • TCP tunneling can be done by Ngrok also but my issue here is connecting document database which works on access to some folder. Ex: folder with .dbf files – Mahesh Jan 09 '18 at 09:45
  • How are you accessing that database normally - in your day to day activities? – Mindaugas Bernatavičius Jan 09 '18 at 10:13
  • Earlier we used to install some windows service to sync data from that machine in third party network to our central server. Now we want get reid of service in third party network. – Mahesh Jan 09 '18 at 10:38
  • connection string with out Ngrok be like: "Provider = VFPOLEDB.1; Data Source =\\\\ipaddress\\v20k\\Databasetablesfolder; Collating Sequence = MACHINE". With ngrok or tcp tunneling exposing that Databasetablesfolder folder is where i stuck – Mahesh Jan 09 '18 at 10:44
0

As you said. VFP is a file based database. However, there is a driver from Sybase called ADS (Advantage Database Server). You can use that to access VFP data as a service based C/S database.

Since you are saying ngrok which is a Go based utility, you might as well create microservices, REST based webAPI ... to do CRUD operations on VFP database. Doing something like that with Go is much easier than doing with another language IMHO (at least it was the language I found to be easiest for this kind of job, not only its network capabilities but also its concurrency support rocks).

Cetin Basoz
  • 22,495
  • 3
  • 31
  • 39
  • Do you know any info like whether Sybase driver is having some default port? so that i can expose that tcp port to connect to it – Mahesh Jan 09 '18 at 10:31
  • It has been too many years I last used it. Check their documentation. I would take the path of exposing via webAPI. (if you check connection strings.com, there is a connection string with specifying port, so default or not it has a port definition too). – Cetin Basoz Jan 09 '18 at 12:02
0

We can not connect file based databases through TCP tunneling. Because TCP tunneling works on port permission and file based databases works on access to file path.

Mahesh
  • 823
  • 1
  • 11
  • 29