This is sort of an odd question but I cannot find a good resource for it. In my office we have a PC that is continually hooked up to the internet and has a public facing IP address that is dedicated. I can access this IP address anywhere with an internet connection to access some server software.

My question is, is it possible to "map" this PC's C drive content (or whatever else) to another computer using its IP address?

tia

put the ip in the address bar of File Explorer, add to quick access.

I am not sure that is working properly.

If I put just the xxx.xxx.xxx.xxx in the bar of windows explorer, it goes to open a web browser. If I put in \\xxx.xxx.xxx.xxx (which I think should work for networked computers), nothing happens.

Is there some other way to put in the IP address that will prompt it to go to my public facing PC?

What about map network drive and then add network location like you would for an ftp site?

Sorry, I told you incorrectly. This is how we do it through our vpn.

what OS is being used on the server end?

@TX_AG_10

That's a great idea. I tried to do that (with \\xxx.xxx.xxx.xxx) and received this error "Windows requires a share to publish to. Please try another location." I am not sure how else I should write the IP address.

@chipotle

The OS of both machines is Windows 10. We are not using a server. We're trying to make this one PC in the office to act like a server since it will always be on and always connected to the internet.

yeah if you are just opening up file sharing public on the internet I hope you have that data backed up. Agreed - this is a bad idea.

What are your trying to do? You said just "access some server software", but can you explain more and there is probably a better and safer solution that meets your needs.

Those are some really good points. I do not know a lot about servers and how easy it is to hack something like this (I presume very easy). In any case, the company I work for likes to go as stingy as possible which means not paying for a real off-premise (or on-premise) web server.

We are hosting geographic data in the form of web-maps through some server software that is built for hosting these data. I was thinking of having this 'dedicated' PC be password protected to where myself and a few others can manipulate the data while all other 'users' would just have read only access.

Does this make sense? Would it make more sense to just pony up and get something like Amazon Web Services as opposed to going to this backdoor of a backdoor approach at pinching pennies?

Is it arcserver by anychance?

Yeah, it's ArcGIS for Server

Do you already have a connection to the GIS server in ArcCatalog? If the web services have been enabled for editing you can edit them from any computer using ArcMap or ArcGIS Online, and you can also determine whether users have edit access or not.

Not sure of your exact set up so it's kind of hard for me to offer solutions. But how I am envisioning it, you shouldn't have to access that PC to edit the map services..

quote:

---

Would it make more sense to just pony up and get something like Amazon Web Services as opposed to going to this backdoor of a backdoor approach at pinching pennies?

---

Yes. I assume that this PC is also connected to your network. If your bosses squirm about costs, calculate the difference in the cost of the AWS solution vs incident response fees, loss of customer data, loss of business due to loss of customer data, etc. I don't know where you work, and I assume it's nothing like the size of Target, but their breach ended up costing them between $400 million -$450 million.


In the meantime, I would make sure you have an antivirus on the machine and also something like Malwarebytes Pro. If it has a public IP address, it's been scanned by some sort of evilness or botnet. Perhaps it hasn't been exploited. I would also look into disabling the hidden shares. Try mapping it like \\xxx.xxx.xxx.xxx\C$\ and see if you can connect to your machine.

quick google of how to disable hidden shares: (this might mess things up if you're computer is on a company network, maybe contact IT department)
http://winaero.com/blog/disable-administrative-shares-in-windows-10-windows-8-and-windows-7/

@TX_AG_10

This is kind of where it gets fuzzy. I want the data to be on the server machine, so that when I make updates, they automatically reflect in the served web map (at least that is what I am envisioning).

I have a connection to the GIS server in ArcCatalog and I can publish to the server. Though, since the data I am publishing resides on my local computer, it creates a disjointed copy on the server and publishes that data. This is fine but kind of defeats the purpose of the server (which, for me is, editing the data live and having that edited data reflect on the web).

I thought about just having a shared folder on that server PC that acts like Drop Box or so that would be synced, but I still would not be able to publish the data on the server machine - I would be publishing the data on my local machine (and the server would go and make a copy again).

I am not sure if this makes sense or not.

Security breaches are never cheap and the reputation hit will be for more expensive than any technical safeguards.
Not the ARCGIS guy, so don't know the best solution but I suspect dragging raw data across the WAN is not the solution. If you really need that access look at microsoft direct access. It does require a server and AD instance but you should be able to use a single Essentials edition server(~$200) for the AD & DA server (upgrade your exposed PC) and it makes access of data available on the LAN transparent, no difference to access locally or if you are remote. Though I do not believe its supported officially I hear you can host Direct access on Azure.
VPN's are also cheap to implement, useful and worth having.
Unplug that outside connection, the risk is not worth it.

@jay040

You're right that we're not as big as Target but this is a perfect example of why 'contracting it out' to a more capable company is a good idea.
I appreciate the advice on the antivirus and malware protection. But, wouldn't disabling those services essentially seize the ability of the machine to act like a server?

This is starting to make my head hurt. I wish we had an IT person.......
I think VPN might be a good way to go. I think I need to consider that (but I still feel like there will be a security issue since I will be VPN'ing into this public facing maching with the dedicated IP address, etc.).

With VPN there would be no public server your whole network would be.isolated, that is the point. Not talking about the services that people use to hide their location, but a gateway router that can act as a VPN gateway.
Username at con spir Acy d0t net with questions

I'm kind of following along, but you should be able to edit the live data and have it go live without accessing the server itself.

If you create another connection to the GIS Server using a user connection instead of a publisher, you can edit the service locally in ArcMap using the feature service instead of the map service. (You should see two services instead of one. The feature service will have a little square on it). You just need to make sure that your service has feature access enabled in the service properties. Then add the features service into ArcMap and you can do a local edit session where it copies the data down, you perform your edits, then it syncs back up.

This is pretty much our workflow. We have map services that we share out for our clients. We also have an Enterprise Asset Management software that integrates with our GIS Services and we are unable to shut down the service during the day so the above process by editing the feature service works really well.

Hopefully that makes sense, ha! And hopefully I'm understanding what your needs are!

This sounds like a really great idea but I still am not sure it will work. In order to publish data as a feature service and map service, the database has to be registered with the server. In order to do this, I will have to have direct access to the server machine.

Looking at this link and scrolling down to "The publisher's machine and the server are working out of different folders"
I still have to have a path to the folder on the server, which I do not have (yet).

What kind of database are you working with? We use an SDE connection and use the first option listed on the link you sent.

A strongly suggest you just invest in a simple VPN router. Something like OpenVPN is pretty easy to get up and running on a cheap computer.

PFsense will run on an old PC, add a second network card (even USB) and you have a secure VPN capable router and application platform you can run things like snort, asterisk and other tools on.

@TX_AG_10

That's another issue... Due to lack of funds and this and that, we do not have a relational database setup for this. I would like to have an SDE connection but that would require having the enterprise database setup and likely require someone who knows how to manage that. So, for now, we use local file geodatabases.


..To the others..
I agree that a VPN should be the best route to go. Thanks for the suggestions.

OpenVPN will cost you $9.60/user/yr for VPN access.

I understand you're nickel & diming it - but remote access is something that you don't want to try and do for $0. You can - but it sounds like you don't have any staff on hand who will do the small things like run updates and make sure that this door has a proper lock on it.

I'll be more than happy to yell at your boss if you need me to haha