Pocket PC MSMQ question

Pocket PC MSMQ question

• furjaw

  As soon as VPN tunnel is established, devices would be in the network behind firewall/proxy. Even though physically they can be on another side of the globe, they would receive internal IP and would have access to internal network.

  This is recommended solution for MSMQ over internet as it solves many problems like address resolution, firewalls/proxy issues and security issues as VPN can be authenticated and encrypted. Disadvantage is what you'd need to setup devices for VPN (can be done programmatically) and setup and maintain server visible on the internet to accept VPN connections.

  That can be additional server on DMZ or it can be an additional service on proxy/firewall. Either way, it need to have access to both internet (so it can accept VPN from internet) and to the internal network.

  
  
  

• Chris Condrey

  Yes, using WS with server on the proxy would work. Devices would be able to send messages to the server, but server won't be able to send messages to the devices. Devices can pull messages from time to time.

  Another possible solution is to establish VPN connections from devices to internal network (assuming your GPRS carrier allows for that). After that MSMQ would work both ways.

  
  
  

• cimnik

  Ilya,
  Unfortunately for us, GPRS is the only option we have. The users are mobile field users. They monitor field parameters many miles away from the HQ. The idea is to allow them to send messages about their observations back to the main system. The main system also sends messages to the field mobile users.
  
  Alternate Solution
  Alternatively, can the PPC app be designed to call Web Services via HTTP over GPRS. The Web Service can be hosted on the Proxy node which designates a DMZ directory. The web service process will then send these as messages over MSMQ internally.
  
  Do you think the alternate solution will work then
  
  
  
  
  
  

• Nasir_khan_persistent

  Ilya,
  Doyou mean that if the VPN connection is established from devices to the internal network, devices can send messages using MSMQ to any nodes behind the proxy-firewall Or the devices can send messages to the Proxy node (DMZ) which another pocess can relay the messages to the nodes behind the proxy-firewall
  
  I believe one of the things the client is working with the ISP is to provide some sort of VPN where the devices can be internally addressed using the client's own DHCP server (at the edge of the network).
  
  
  

• Satish Nair

  MSMQ would work if it can establish TCP/IP connection between hosts. Since hosts behind proxy/firewall do not exist to the outside world, it is impossible to establish TCP/IP connection to them from outside and MSMQ won't work. In fact, nothing at all would work, that's the point of proxy/firewall - to hide everything behind it.

  To allow for any kind of connection you need to use server outside of proxy/firewall or your proxy/firewall needs to be configured to forward specific connections to particular host on internal network (sometimes called DMZ). This is not specific to MSMQ, it's about allowing incoming connections in general. Please see this:

  http://computer.howstuffworks.com/firewall4.htm

  http://compnetworking.about.com/cs/networksecurity/g/bldef_dmz.htm

  Another issue you would face is GPRS which commonly operates behind provider’s proxy/firewall. That means you can not open any kind of connection to the phone for the same reason as described above and in many cases only HTTP (and may be FTP/POP3) is allowed for outgoing connection which means you can not send anything to the phone and MSMQ won’t be able to send anything out unless SRMP is used (which is not supported on PPC 03). Please check with your operator before you even consider using GPRS for any kind of connections.

  
  
  
• Pocket PC MSMQ question