MySQL Router

Mark_Strickland1 · February 7, 2017, 2:38pm

I have written a Xojo program that connects to a MySQL DB on an external provider. The program does a fairly complex query and I download filtered set of data for either Insert or Update into a local MS-SQL server for analysis. I “rearrange” the data and the local tables do not look like the much more complex source tables. For security reasons the external provider has restricted the connection to their server to the IP address of our server which is Windows.

From time to time I have a need to query the external provider database directly. Because my desktop is on a DHCP connection there was no easy way to provide a restricted IP address that did not change for my desktop computer. Currently I just do a RDP session to the Windows server and run a free client on that machine that is allowed access from it’s fixed IP. This works OK but I would much prefer to use a query tool on my Mac (SequelPro).

The MySQL Router module seems like it might be able to route a connection from my desktop through the server to the external provider MySQL DB.

Does anybody have experience with the MySQL Router module?

For security I think I could probably set up a Windows firewall rule to only allow an inbound connection on a special port from a sub-netted IP address in my DHCP range. Presumably the MySQL Router could translate the port to the standard MySQL port. If not, since MySQL is not running on the Windows box, I could just connect to the router on the standard port with the firewall restrictions for my DHCP range.

Before attempting this I thought maybe I would get a few opinions.

Thanks.

David_McKenzie · February 7, 2017, 3:31pm

Another option might be to set up the Windows server as a VPN server using RRAS. Then you could connect via VPN from your Mac and run SequelPro. Assuming there’s a NAT router between the Windows server and the Internet, the external provider’s database will then see the queries you make as originating from the fixed external IP address of the Windows server.

Mark_Strickland1 · February 7, 2017, 5:56pm

Hummmm … VPN might work at least when I can hit the server from the same network which solves most of my problem.

When I am outside of the local network I don’t have control of the firewall but I do have VPN access to the inside of the local network (where the server is located). I typically use that for RDP access BUT … maybe VPN to the VPN on the server to the remote MySQL?

David … thanks for the idea. Different brains = different perspective.

KevinW · February 7, 2017, 6:33pm

Is it possible to do ssh redirect with the linux on widows stuff now? Just an idea, but if it were a linux server, my first though would be to ssh proxy through the server. VPN is also a good option, but if you don’t control the router/firewall that might be a little bit more difficult.

Simple solution for that would be to add the public IP of the existing vpn connection to the mysql server whitelist so you can get there through both the server itself and the existing vpn connection.

Phillip_Zedalis · February 9, 2017, 10:50pm

Web service would be more appropriate then connecting directly.