Problem: I have a Windows 2003 Server running a ColdFusion app that needs to constantly update a MySQL database on a Windows XP Pro machine. These machines are not on a LAN and are physically separate. I'm trying to find a way to establish secure communications between them since I do not want port 3306 open to the entire internet. The firewall cannot filter IPs because, frankly, it sucks. Also, communications must be encrypted or tunneled to remain HIPAA compliant.

What I've Tried So Far

I tried CopSSH with PuTTY, but this did not work because I need to manually initiate all sessions and enter passwords by hand. Since there aren't any SSH solutions that allow persistent, automatic connections, it appears I need to go with a VPN.

The VPN Dilemma

I tried creating a VPN server on the WinXP MySQL machine, but I cannot get ODBC to work remotely. How do you get the ODBC on the local (Win 2003) machine to recognize the MySQL database on the remote (WinXP Pro) server?

Note: I also understand that getting SSL working on Windows is a pain in the butt. I'm trying to steer completely clear of that. I don't have the tools to recompile, etc.
SSL isn't a huge problem for Server 2003, but as you suggested, it is a complete pain on XP. If you needed to go from the XP machine to the 2003 machine, it would be fairly easy. But actually, setting up SSL on the XP machine may be the best way to do it. You can do it with OpenSSH on XP. Make sure you use a decent software firewall on the XP computer if you do decide to do it that way. NOD32 is the best one I've ever used for any server usage. The other option would be to set up a secure VPN, but this would be significantly slower and more painful than SSL. Here's pretty much the only guide on setting SSL up on XP: http://www.somacon.com/p41.php