Access Files on Mac OS X Lion Remotely

Hello,
I have a Mac OS X Lion server set up and have it set so that from another Mac, I can go to Finder > Connect to Server and enter the hostname of the server and access the files on it remotely just as I would if I were on its LAN.

I want to know if this is possible to do with just a regular Mac. One of my users wants to be able to do this from his Mac Laptop at home and be able to connect to his Mac desktop at the office so he can get his files when he is traveling.

I have enabled File Sharing, but it is the problem of the IP/hostname/Ports that I do not know how to configure.

FYI, I do have a STATIC IP address.

Thanks!
mfranzel Asked:

roylong Commented:
You will need to configure access to your internal office LAN for the user.  The usual way to do this is with some kind of VPN through the firewall (or with other devices like Juniper SSL VPN devices).  Do you have anything set up?

An alternate way to do this is with Apple's iCloud service.  They have a 'Back to My Mac' feature which lets you connect both machines securely through iCloud and then access each from the other.  This 'tunnels' through the firewall as long as appropriate ports are open.

Ensure TCP port 5354 and UDP ports 4500 and 5353 are open on your firewall.
0
mfranzel (Author) Commented:
I'd prefer to do this without VPN and iCloud. How does Lion Server do this without either of those?
0
roylong Commented:
Lion server has a built-in VPN service.  Try this link:

http://macminicolo.net/lionservervpn
0

mfranzel (Author) Commented:
But this is not how it works on my Lion Server. I have VPN disabled.
0
roylong Commented:
Explain the steps you follow to get onto your office LAN.

If you are connecting to the LAN already then you should be able to connect to server (turn the desktop file sharing on), specify the IP address of the desktop and log in using the local user's credentials. If your Macs are in Active Directory then you will use the network credentials.
0
mfranzel (Author) Commented:
Basically, I just followed the steps on Lion Server to set everything up. As stated above, I click on Connect to Server in Finder and enter the hostname of the server. I enter my username and password and it connects.

However, this other Mac that isn't a server is on a completely different network than the server.
0
roylong Commented:
And that's what I was trying to explain, you need to find a method to connect from one network to the other. Do you have a firewall between the two networks?  Is the remote user at home?  Can you set up a VPN through your firewall (if you have one)?  Once you VPN into your office LAN then this effectively puts the remote computer (IP address) on the same LAN.
0
mfranzel (Author) Commented:
And what I am asking is why I need any of this if I am doing it fine without anything using Lion Server??
0
roylong Commented:
So you are not connecting to the Lion server from a remote network (across the internet?) with just the host name? So your Lion server must be sitting on the Internet with a public IP address?  Does the user's client computer have a public IP address on your network too?

0
mfranzel (Author) Commented:
Yes. I assume that's how it is. It is assigned a static IP from the ISP. So I guess my question is how can I do that with port forwards to this other computer?
0
roylong Commented:
How is your network set up?
Do you have a firewall?
How are you assigning IP addresses to the desktop clients?
0
mfranzel (Author) Commented:
For this network, it is simply a router with a static WAN IP from our ISP. It is a DHCP server assigning addresses to clients, but I can set a static IP for this specific computer.
0
roylong Commented:
Which router do you have?  Sounds like we just have to crack the port forwarding on the router and have specific requests passed to the desktop client - if the router supports it.  Was the router supplied by the ISP? Maybe they would be the best place to get the config info?
 
0
mfranzel (Author) Commented:
No, we have a Cisco RV082. http://www.cisco.com/en/US/products/ps9926/index.html

It does have VPN capabilities, but we do not wish to use these. We want this to be as simple for our user as possible. Aka... type the hostname and bam he is connected.
0
mfranzel (Author) Commented:
I am very proficient with networking and this router, but I am unsure how to make it so I can have our user connect to this computer while using a hostname and a port as opposed to just a hostname (because that is assigned to the main network).
0
roylong Commented:
Okay, believe it or not the easiest way would be to use the VPN on the Cisco router, this means you don't have to mess about for every client that wants to connect. Just give them the VPN client, set them up and away you go on the same network.
If you do want to do this without VPN I suggest you provide a small network diagram, Internet to client computers and request adding to Cisco zone and bring in Cisco experts to assist.
0
mfranzel (Author) Commented:
The reason I do not want to use VPN is because we tried it in the past and it was a mess and simply didn't work well.

I would like to do it this way because the only person that needs to connect is this user. Everyone else has laptops and does not need to access anything on the LAN while away. I am only having trouble with what ports to forward etc.
0
roylong Commented:
Aah, okay so I understand a little better now.  I found the following:

You need to map private TCP port 548 to some random public TCP port number. Any port will do as long as it's not port 548. Try port 1234. Then you'll need to specify port 1234 when you connect to your Mac.

Then use connect to server:
afp://hostname:1234/
and map that to the desktop mac.
0
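
Once a forward like the one in this answer is in place, it is worth confirming from outside the office network which public ports actually answer as AFP. This is an added example, not part of the original thread: it parses the `afp://` URL, sends an unauthenticated DSI GetStatus request (the framing AFP uses over TCP) and reports whether the port is unreachable, open but not AFP, or AFP. The function names are illustrative, and `hostname` and `1234` are the placeholders from the answer.

```python
import socket
import struct
import sys
from urllib.parse import urlsplit

AFP_DEFAULT_PORT = 548                 # private AFP port named in the thread
DSI_HEADER = struct.Struct(">BBHIII")  # flags, command, request id, error/offset, length, reserved
DSI_REQUEST, DSI_REPLY, DSI_GET_STATUS = 0x00, 0x01, 3

def parse_afp_url(url):
    """Return (host, port) for an afp:// URL; the port defaults to 548."""
    parts = urlsplit(url)
    if parts.scheme != "afp" or not parts.hostname:
        raise ValueError(f"not an afp:// URL: {url!r}")
    return parts.hostname, parts.port or AFP_DEFAULT_PORT

def build_get_status(request_id=1):
    """16-byte DSI GetStatus request: no login needed, no payload."""
    return DSI_HEADER.pack(DSI_REQUEST, DSI_GET_STATUS, request_id, 0, 0, 0)

def is_afp_reply(data, request_id=1):
    """True if data begins with a successful DSI reply to our GetStatus."""
    if len(data) < DSI_HEADER.size:
        return False
    flags, command, rid, error, _length, _reserved = DSI_HEADER.unpack_from(data)
    return (flags, command, rid, error) == (DSI_REPLY, DSI_GET_STATUS, request_id, 0)

def probe(url, timeout=5.0):
    """Classify what answers at url: 'afp', 'open-not-afp' or 'unreachable'."""
    host, port = parse_afp_url(url)
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return "unreachable"           # closed, filtered, or name did not resolve
    data = b""
    with sock:
        try:
            sock.sendall(build_get_status())
            while len(data) < DSI_HEADER.size:
                chunk = sock.recv(DSI_HEADER.size - len(data))
                if not chunk:
                    break
                data += chunk
        except OSError:
            pass                       # reset or timeout: port open, not speaking DSI
    return "afp" if is_afp_reply(data) else "open-not-afp"

if __name__ == "__main__":
    for target in sys.argv[1:]:        # e.g. afp://hostname:1234/ afp://hostname:548/
        print(target, probe(target))
```

Run it from a network outside the office against both the forwarded port and port 548 on your own hostname; only the port you meant to forward should report `afp`.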

mfranzel (Author) Commented:
I cannot map a port to a port. I can only deny or allow ports to computers. (see screenshot). What do I need to map port 548? What is that for?

[Screenshot: port map]
0
mfranzel (Author) Commented:
Okay I also found this. Port Forwarding and Port Triggering. Did I configure this correctly? If so, it is still not allowing me to connect.

[Screenshot: forwarding]
0
mfranzel (Author) Commented:
Never mind! Just got it to work! Do not know how, but I did. I type afp://hostname.here:548 and it allows me to connect!
0
roylong Commented:
Port 548 is for AFP (Apple File Protocol). I'm surprised as I would've thought that was mapped to your Lion server already. But if it works, good going!
0
mfranzel (Author) Commented:
The reason it worked is because, as stated previously, the Lion server and this computer are on two totally separate networks.

Thanks for your help!
0
Question has a verified solution.