Mapping a network drive over SSH in Windows
Im trying to share a network drive over internet. Many has recomended to create trust relationship between domains and use VPN. However this sounds to be a bit complex and my two systems are runing on MS Small Business Server 2003 and there is also license limitations to do this. I have found some articles that this should be possible to do with SSH. My environmet is that I have one SBS2003 environment in city A and other SBS environment in city B. These environments want to share one common network drive together. If it helps I can setup third environment where is real Windows Server 2003 or 2008 (not SBS). Do someone has some basic introduction how to do this with SSH (or by someother way). Im not familar at all with SSH and I would like to be sure that this share what im building would be safe.
dfxdeimos
Do you want the files to exist in SiteA or SiteB? Keep in mind that the files are going to be pulled across the wire to whatever site does not host them.
ASKER
It doesnt matter they can exist in SiteA or in SiteB (they are my customers) or these files can stay in my own server and these SiteA and SiteB can use those files over internet.
ASKER
There is not very much network trafic, these files will be basically just office and pdf files and there will be less than 50 users which are using them randomly.
Probably the easiest way to do this would be to this would be to set up a share in SiteA, create a user account in the domain @ SiteA that is granted permission to access the shared folders, then forward ports 135-139 to the internal IP address of the server that is doing the sharing. Optionally you can set up a DNS entry to point to the external IP of SiteA
You can then (from SiteB) map the drive by going to \\ExternalIPAddressofSiteA
You can then (from SiteB) map the drive by going to \\ExternalIPAddressofSiteA
ASKER
This sounds clever. Do you know some step by step article how to do this?
I couldn't find a guide but the steps are pretty straight forward.
1) Set up the share in the site you want to share the files from.
2) Set up a user in the domain that is sharing the files that the other users will use to connect to the share.
3) Grant share and NTFS permission to the shared folder for the user you just set up.
4) Log into your router and forward ports 135 - 139 (TCP and UDP) and 445 (TCP and UDP) to the internal IP address of the server that is sharing the files.
5) Figure out the EXTERNAL IP address of the site that is sharing the files.
6) At the site that you want to download the files to you should then be able to map a drive to \\IPAddressFromPreviousSte
You can do all of these steps one at a time without affecting anything on your network so if you want to just walk through it and post results / problems back here I can help walk through it.
1) Set up the share in the site you want to share the files from.
2) Set up a user in the domain that is sharing the files that the other users will use to connect to the share.
3) Grant share and NTFS permission to the shared folder for the user you just set up.
4) Log into your router and forward ports 135 - 139 (TCP and UDP) and 445 (TCP and UDP) to the internal IP address of the server that is sharing the files.
5) Figure out the EXTERNAL IP address of the site that is sharing the files.
6) At the site that you want to download the files to you should then be able to map a drive to \\IPAddressFromPreviousSte
You can do all of these steps one at a time without affecting anything on your network so if you want to just walk through it and post results / problems back here I can help walk through it.
ASKER
sounds simple. can i use private IP address and just make NAT from firewall to this private IP? Why I need to forward 445 SSL port? How about SSH, when I should install it and how i should configure it (or am i out?)?
Yes, you can set it up that way. You just have to make sure that those ports get forwarded to the machine that is hosting the share.
443 is the default SSL port. 445 is used for NetBIOS name resolution. It may not be necessary, but it is listed as one of the ports used by Windows File Sharing.
My solution doesn't use SSH, you would just connect to the share (from the other site) by navigating to \\External IP Address\Share name.
443 is the default SSL port. 445 is used for NetBIOS name resolution. It may not be necessary, but it is listed as one of the ports used by Windows File Sharing.
My solution doesn't use SSH, you would just connect to the share (from the other site) by navigating to \\External IP Address\Share name.
ASKER
sorry i mixed those port numbers. so in this way these files are not encrypted at all? there is no any simple way encrypt them?
There is no simple way (that I know of) to encrypt the files if you use this method. The only protection is restricting access to them based upon the username and password that you set up for file access.
If you require encryption then you may have to go with a different solution.
If you require encryption then you may have to go with a different solution.
ASKER
ok... in this case user name and password are also transferred just blank text? You dont propaply have solution how to enrypt those files...?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
If it doesn't work out as you planned just open up a new Question and alert me by e-mailing to:
richard <AT> r3portfolio <DOT> com
richard <AT> r3portfolio <DOT> com