Access Mysql database remotely

Hi all
XOJO

Thankful for your answers to solve the following:

In a BUILDING number ONE, I have 5 computers with windows 10 connected in a local area network.
in one of these computers identified with an IP 192.168.8.1 is installed a Mysql database and through a desktop application xojo, the other 4 computers can access the MySql database through IP 192.168.8.1 and everything works perfectly.

In a TWO number BUILDING I have 2 computers with windows 10
The DOS number BUILDING is separated at a distance of approximately 600 meters from BUILDING number ONE.

using the same desktop application xojo, I need to access from the Computers of BUILDING number TWO to the Mysql database installed the computer of BUILDING number ONE.
how could I do it?
it’s possible?

the computer with the Mysql database of BUILDING number ONE and the 2 computers of BUILDING number TWO have access to the internet.

All ideas will be greatly appreciated

Cordially,

Raul

From TWO can ping 192.168.8.1 ?
Have other network index ?
for example NET BUILING NUMBER 1
192.168.8.1
192.168.8.2
192.168.8.3

192.168.8.XXX

if computer of NET BUILDING NUMBER 2 have other IP class …
192.168.7.1
192.168.7.2
or other but in 192.168 the netmask of PC is not 255.255.255.0 but 255.255.0.0
U can access 192.168.8.x and other 192.168.7.x, etc.

That’s assuming that the network is set up for this. You’ll probably need to talk to your IT group and make sure there is actually a valid route between the two buildings. And to be clear, even if they have the same subnet and can write files to the same servers does not necessarily mean that the networks can actually see one another.

Greg is right you may need the help of the IT group but if that is not possible here are some thoughts that might help you “dig it out” on your own.

Sorry if you already know some of this …

  1. Get on a PC in the remote building and verify the IP address. Open a command window and run IPCONFIG.

  2. Do you know for sure that the two buildings are interconnected via the Local Area Network?

  3. Run a Trace Route (TRACERT) to the other IP address. You might want to set the timeout down because intermediate hops may not respond to the PINGS done by Trace Route. Enter TRACERT --help to see the options. This will tell you about the network devices between the two buildings.

  4. It is possible the MySQL default port could be blocked by the network between buildings based on how traffic is routed. Port number 3306 must be open to connect to a MySQL database.

  5. You can test connectivity by using Telnet. Open a command window and enter TELNET 3306
    You will get “gibberish” if it connects but if not you will just timeout. The timeout can be because the IP address does not route or the port number is not open across the network.

  6. A distance of 600 meters would indicate if the Local Area Networks are bridged between the buildings it would likely take a Fiber Optic Cable. Regular copper Cat 5 or 6 is limited to about 100 meters although you might “cheat” on that limit but 600 meters is not likely without multiple repeaters between buildings.

  7. It is possible the two buildings are NOT connected on the Local Area Network and you will have to connect across the Internet. If that is true you will likely need some sort of help from the IT group. You will also need some sort of VPN / Tunnel software to connect unless they already have something in place. There are some free choices like OpenVPN. In theory you can connect without a VPN if the right ports are open but that is dangerous and will pass data across the Internet in clear text.

If you cannot get any IT help then hopefully this helps.

Thank you so much
Massimiliano Chiodi
Greg O’Lone
Mark Strickland

Your help has been very important to me
I forgot to mention that the two buildings are NOT connected to a local area network and I definitely have to connect through the internet.
So I have to look for the best alternative and technically possible

Cordially,

Raul

Try to avoid a direct connection, because this would expose too much information for possible attacks. Try to use a server which handles the connection with the internet clients and stores the data the clients wish to exchange, in a location from whitch the “real” server can reach it.

English is not my main…. Please, just try to avoid a direct connection between the internet and the main server. :slight_smile:

If the 2 pcs on Building 2 dont depend on the Building 2 lan, just put a wireless bridge to connect those 2 pcs to the lan on building 1

As Sascha said, is not secure to have a DB server with direct acces to the internet. Use a different port, and limit the conections to the 5 ips you are going to use.

[quote=410855:@Raul Juarez Pulache]using the same desktop application xojo, I need to access from the Computers of BUILDING number TWO to the Mysql database installed the computer of BUILDING number ONE.
how could I do it?
it’s possible?[/quote]

The first question is difficult to answer, because there are many ways to solve this.
You could for example use the Clients App to transfer the Data via HTTPS to a Service running on the other end.
Or you could open a VPN and work like you’ve planned it from the beginning (like in a Local area Network).
Or you store the Data for exchange encrypted in secured FTP locations.
Or… :slight_smile:

So, the answer to question 2 is definetly a Yes :slight_smile:

As others mentioned, it is not secure nor recommended to have a database server directly accessible from the internet.

If you want to try it though here are the steps.

  1. Get a static IP from your ISP. Otherwise your public IP address will keep changing.
  2. Set up port forwarding on your modem/router for building one. I would recommend changing the external port to something non-default for a bit of security (maybe not??). For example yo would set external port 12345 to forward to 192.168.8.1:3306 (or whatever your port)
  3. Now from anywhere in the internet (including building 2) , you can connect to the database like this (using extenral IP) xxx.xxx.xxx.xxx:12345

Again don’t do this with anything other than a test database unless you don’t mind taking risks.

The community free version of OpenVPN.com could solve your problem BUT you will need some assistance from IT to allow an inbound connection at one end from the Internet to a specific port. For the best security it could be restricted to come only from one IP address (the other building).

If the routers that connect to the Internet at each building are home or small office routers they may only have limited options but you should be able to create the connection by opening a port and using OpenVPN.

Is there an option to put the MySQL server in the cloud? That won’t be free but you eliminate the network problems at each building since the connections will be outbound and not require router changes. You will still need a VPN but if you control the cloud server you should be able to install OpenVPN.