Recently I have been using Quickbooks 2012 to manage my business, and while I can’t say I’m in love with the software by any means, it is what I would consider “good enough” for what I’m doing currently. I have the multi-user edition and run the database using the Quickbooks Server application. I frequently travel or work off site, so having access to this offsite was something that I wanted to do. Since I use the standard OS X Server LT2P VPN server, bonjour services don’t “just work”. This is because L2TP (among others) doesn’t support multicasting, which is what bonjour uses in a local subnet to broadcast. After doing some research, I learned that WAB (Wide-Area-Bonjour) does not support private namespaces, so that was out. The other option was to use a VPN server that supports multicast, like OpenVPN. I liked using the built in Apple VPN client and I didn’t want to go through the hassle of compiling and configuring OpenVPN when my current VPN was working just fine for this.
You might ask, “why are you writing about Quickbooks on a video and storage blog?”. Simple: the tools in use very well may be useful for other Bonjour enabled applications that don’t give you way to connect via direct IP address.
What this will work well with:
- Any bonjour only server application (ex. MYOB, Quickbooks, Apache, etc)
- Any client application that is on a fixed host (iTunes on a desktop with a static IP, etc)
What this won’t work well with:
- Dynamic applications with high likelihood of IP change (Bonjour iChat on a laptop)
- High bandwidth applications (Compressor Cluster Node, Qmaster, etc)
First, you are going to want to download a few tools:
- Bonjour Browser – Used to discover services on the network
- Network Beacon – Used to build a remote proxy for bonjour
- A working IPSEC/L2TP VPN connection
You can download these tools onto your client system as long it is on your bonjour network to get the info you need.
First things first, we want to fire up Bonjour Browser to get a look at what bonjour services are running on our network. In my network, it looks like this:
Bonjour Browser
You will notice a lot of the “known” services are highlighted in bold as they are published protocols. What you will also notice are a lot of non-bold services in there as well. While it isn’t necessarily easy to know what does what immediately, we can just read the names and figure most of them out. In this case, my PresSTORE bonjour processes are _awcln._tcp (for the client) and _awsrv._tcp (for the server). I also see a few other noticeable broadcasts in there too – ._attocfgd._tcp (ATTO config tool), ._touch-able._tcp (Mobile Mouse), and what I was actually looking for ._qbmu._tcp (Quickbooks server).
Flipping down the toggles for this broadcast gives me all the info I need to build a proxy on a remote connection:
So first it is important to know what it is we are looking at here. You can see the the _qbmu._tcp. This is the PTR service DNS record name. Under each of these is the host itself (qbmac://server.local/PVT.qb2012-3B01AF67-9E67-4944-813C-AD551AE) and beneath that are the TXT record entries (appVersionStageNumber, displayName). We also can see that our QB server connects over port 57219. We are now going to use this information to build a bonjour proxy using Network Beacon so our systems on remote networks can access bonjour only entries across a VPN link.
Fire up Network Beacon and you should have the option to make a new Beacon. We are going to fill in all the information we learned from Bonjour Browser to create a local representation of that Bonjour broadcast (even though we can’t see it) so that our local application can connect to the server.
You’ll notice that I put a “�01″ in-between the two individual text records. This is actual how Network Beacon requests separation and you can get more info on modifying TXT records by hovering over the text box in the application. In this case I have called my database “Example” just so we can see both addresses.
What Network beacon is actually doing is firing up a local mDNS broadcaster for that PTR service on your client system connected over VPN. Since you aren’t receiving the multicast broadcast of this info over the VPN link, you are manually recreating it for any services you would like to be able to access remotely. What you end up with is a link back through VPN to a service that doesn’t have any options for manual entry of DNS name/IP address to connect. When I fire up Quickbooks now on my client system (while still on the local LAN), I see both entries and selecting either will connect me to the same database.
If all works properly connecting locally on your new beacon, simply export that beacon and import it onto your remote/VPN system, connect via VPN, and test. You should be able to get access to all sorts of bonjour services over a VPN link using this method, including iTunes sharing, iPhoto sharing, remote screen sharing, and even AFP registration in the Finder if you want to go that deep.
February 22nd, 2012 at 5:28 pm
Thanks for the excellent article. I’m having one problem. I can now see the shared file, over VPN, but when I click “OK” to select it, NOTHING happens. It doesn’t respond. Same behavior on a local machine, NOT over VPN. The shared file is not selectable. Any ideas? I sent you a tweet with my contact info and would like to hire you to help resolve this.
February 22nd, 2012 at 5:31 pm
Tom,
I sent a response via email. Feel free to contact me back via that medium and we can follow up.
April 23rd, 2012 at 4:33 pm
I have the same issue using Quickbooks 2012 accountant. I have the server set up on one machine and QB on a laptop.
Your article seems to be Apple Specific, will this solution also work for Windows 7?
Any suggestions or direction to other sources would be appreciated.
Thanks,
John Castaldo
April 23rd, 2012 at 4:40 pm
Unfortunately I’m not sure how Quickbooks works in a Windows environment for mDNS. They may have their own protocol on that side of things. Sorry for not having the info that you needed, but I’ve never used Quickbooks on Windows in production to know more.
April 23rd, 2012 at 4:44 pm
Thanks for your quick response! So in WIn7 it uses mDNS, is that correct?
I’ll keep hunting for other VPN solutions. I like having the server in the office, but I need to be able to VPN to it when I’m away.
John
April 25th, 2012 at 9:47 pm
Fantastic article!! This saved me hours of work trying to find a workaround solution.
I initially had the same issue as Tom. I eventually got it to work by changing the Service Name in Network Beacon to the same name as the original host listed in Bonjour Browser (in the example above it would be: qbmac://server.local/PVT.qb2012-3B01AF67-9E67-4944-813C-AD551AE)
April 26th, 2012 at 9:55 pm
Jonathan, glad I could help out!
September 12th, 2012 at 6:02 pm
I have been having trouble getting any service up and running over bonjour. When I connect via vpn, I can connect to my home servers and the internet if I wanted to, but I can’t figure out how to get the bonjour services configured correctly, specifically iTunes Home Sharing. Which machine does Network Beacon need to be run on? And do I need to configure port forwarding for any services? I don’t figure I do because everything is being run over my vpn.
September 12th, 2012 at 6:12 pm
Chase, you need to run network beacon on the system that is VPN’d in to your home network. You shouldn’t have to do any port forwarding, you just simply need to emulate your home environment when remote. Easiest way to do this is to fire up Bonjour Browser when you are in the home network and look for all the services you want to emulate. Then you need to replicate those services with independent Network Beacons.
September 12th, 2012 at 11:58 pm
Gotcha. Just did it and it worked. Thanks!
November 1st, 2012 at 6:11 pm
Mike, have you had problems with this since Mountain Lion came out? Mine worked perfectly up until very recently.
January 16th, 2013 at 6:55 am
Hello, great post.
I was considering Wide Area for publishing services across sub networks, but I was curious about what you said:
“After doing some research, I learned that WAB (Wide-Area-Bonjour) does not support private namespaces, so that was out.”
Could you explain a bit better what did you mean by that, because the link you point to does not have any content.
Thank you in advance.
January 22nd, 2013 at 1:58 am
Basically the .local domain and my internal .lan domains wouldn’t be supported in the default spec (at least from what I could read) in Bonjour. Since my attempt was to use this over VPN, it had to conform to my .lan domain internally on my network.
January 22nd, 2013 at 2:00 am
Sadly, I have. I’m not sure if it was a dot release of quickbooks though or ML that caused the problem. The service shows itself properly on my Retina MBP when I fire up Network Beacon, but attempting to connect in QB results in nothing happening at all. I wrote a nasty message board post on the QB2013 board about how useful a feature like this is to users with remote offices or mobile workspaces. The response I got was less than what I was hoping to hear.
January 31st, 2013 at 10:39 pm
I’m having one problem. I can now see the shared file, over VPN, but when I click “OK” to select it, NOTHING happens. It doesn’t respond. Same behavior on a local machine, NOT over VPN. The shared file is not selectable. Any ideas?