| |
Yes, there are a few options for accessing your CQC system from a remote location. Which one is best depends on what you want to do, from what kind of client machines you will be doing that access, and what kind of bandwidth connection you have available when you connect. We'll discuss each option below.
Web Server
The lowest overhead, though most limited, way of accessing your system is through the built in web server. One of the optional components in the CQC system is a built in, zero configuration web server. This allows you to access your CQC system via any standard web browser. You can easily use any standard HTML authoring program such as Front Page to create user interfaces that show the status of your system. Changing the state of the system requires somewhat more technical setup, but that is very doable as well.
The big advantage of the web based access scheme is that it can be done from anywhere from an internet cafe to a friends house to a kiosk browser in a library to a smart phone with a web browser in a WiFi system and so forth. And the bandwidth requirements are minimal. So it is pretty much ubiquitously available. And it only requires a single port to be exposed so there is minimal exposure to the outside world.
The biggest downside is that, relative to the CQC user interface system, web based interfaces are fairly simple. And, you do have to do more work in order to be able to actually control your system, as apposed to just seeing the status. And of course to keep things simple you will often install the web server on the standard port 80, which is likely to be attacked by any hackers who wander by your IP address. The web server implements the highest level of security available in the web server standard, the Digest Authentication method, so it is as safe as it can be while still being accessible to standard web browsers. But it is something to consider.
.Net Interface Viewer
Our .Net Interface Viewer allows you to access your CQC graphical user interfaces from any .Net 5.0 enabled device (see the Hardware section of the FAQ to the left.) So it provides access to the rich graphical interfaces of CQC. The .Net Interface Viewer has most of the advantages of the web access method except or ubiquity. It does require that you have it installed so it will only be available from your own laptop or PocketPC and so forth, that you bring with you. It has somewhat higher bandwidth requirements than the web server, so you probably don't want to use it in a dialup configuration, but even a single channel ISDN line should be sufficient for it, as long as you don't use lots of images in your interfaces used by the viewer. And it also only requires a single port to be open. The .Net Interface Viewer supports encrypted sessions, so it should be quite safe, and it can be on whatever port you want it to be on. The session key is generated anew for each session and is a 128 bit Blowfish based encryption, so it should be very safe for the length of time of a single logon.
This method is optimal for the traveler taking a laptop on the road or a WiFi enabled PocketPC or Smart Phone. Since they will have their own access device with them, the access ubiquity issue isn't a problem. Many hotels these days have wireless or wired broadband access more than powerful enough for this application.
VPN Access
You can also use VPN to set up a laptop as a regular CQC client of your CQC system at home. This will provide you with complete access to your system, so that you can design interfaces, write macros and so forth from your laptop on the road. It does require a fairly quick broadband connection, of the DSL or cable modem sort. Your router will have to support VPN forwarding in order for this to work, since the packets must be routed off the local network when normally they would not be.
This method also only requires a single port to be opened, and should be quite secure due to the level of security inherent in the VPN standard, both in terms of the login and in the encryption of the session. And you can make the Windows account used in the VPN login be a Guest level account, so that it is very limited in terms of what it can do, even if someone were to break in. Access to the CQC system is not based on Windows account privilege, it uses CQC's own security system, so use of a Guest style account doesn't limit your CQC access. You may have to add some entries to your hosts file on the remote machine to allow for DNS lookup of your home systems.
You will most likely have to open the 'hosts' file on the remote machine and add entries for your home machines so that their machine names can be translated to their internal IP addresses. When you VPN in to your home system, you don't automatically get access to name lookup services. If you go to the directory \Windows\System32\drivers\etc you will find a file named 'hosts'. You can put entries into it like:
MyServer 192.168.100.2And Windows will use those entries if it cannot translate MyServer to an address via other means. This does though generally mean that you will want your home machines to have fixed IP addresses instead of getting them via a DHCP server, so that they are always the same. Else, you will first have to check machine addresses and update your hosts file before starting up CQC. You can do this using the 'ping' command. Open a command prompt and type:
ping MyServerIt will go find that server and display the IP address. You can use this to update your hosts file. You need to do this for any of your home computers that are running CQC background processes (CQCServer, web server, XML Gateway, etc...)
Remote Desktop
You can also use remote desktop if you have a high enough bandwidth connection. This doesn't require any special programs since it is supported on any Windows client machine. You will need to enable it on your home machine. For custom installers, this is often the best way to do remote maintenance on customer systems. It avoids any CQC client/server version issues since you are literally running the client tools on the customer's system and just seeing the output on your remote machine.