wolfiepims.net — Remote Access Network

WolfiePIMS Remote Access

Every practice that runs WolfiePIMS gets a stable, encrypted route home for its staff — whether they’re on a barn call, working from a branch office, or finishing notes from the kitchen table at 9 PM. That route lives here, on wolfiepims.net.

What is WolfiePIMS?

WolfiePIMS is a veterinary practice management application for the Mac. It runs day‑to‑day operations at small and mid‑sized clinics: scheduling, client and patient records, vaccinations and reminders, invoicing, payments, inventory, lab results, dental and medical charting, statements, SMS and email reminders, and more. The clinic’s data lives on a single source‑of‑truth Mac at the practice (the server), and any number of additional Macs at the front desk, exam rooms, and back office act as workstations against that server. Owners can learn more at wolfiepims.com.

What is wolfiepims.net?

wolfiepims.net is the route a WolfiePIMS workstation uses to reach its home practice when it isn’t on the clinic’s local Wi‑Fi. Each enrolled practice is assigned a stable hostname of the form <unique‑practice‑id>.tunnels.wolfiepims.net, which always points back to that practice’s own server — no matter where the laptop happens to be that day, no matter what the clinic’s public IP address is, no matter how the home internet’s NAT is configured.

Why a separate domain?

The remote‑access network has different needs from the marketing site at wolfiepims.com. It serves only the WolfiePIMS application talking to itself; humans typing wolfiepims.net into a browser are exactly the audience this page is for. Keeping it on its own domain means we can run a dedicated certificate authority and DNS zone for tunnel traffic without ever touching the customer‑facing site.

How the tunnel works

Behind every <unique‑practice‑id>.tunnels.wolfiepims.net hostname is a Cloudflare Tunnel. The clinic’s server runs a small lightweight client (cloudflared) that opens an outbound connection to Cloudflare and holds it there. When a remote workstation needs to reach the clinic, its WolfiePIMS app speaks to the Cloudflare edge over wolfiepims.net, and Cloudflare hands the bytes through that already‑open tunnel down to the server. There is no inbound port open at the clinic. There is no public IP exposed. Nothing arrives unless it has been authenticated end‑to‑end.

Encrypted end‑to‑end No port forwarding No inbound firewall changes No public IP exposed Stable per‑practice hostname Cloudflare backbone

How it fits together

One workstation, one tunnel, one server. The exact same connection model whether the workstation is in the next room or in the next state.

WolfiePIMS Remote Workstation home / branch / mobile Cloudflare Tunnel wolfiepims.net <practice-id>.tunnels.wolfiepims.net stable per‑practice hostname Practice Server Mac at the clinic requests replies

A WolfiePIMS workstation off‑site reaches its practice server through a Cloudflare Tunnel anchored at wolfiepims.net. The clinic’s server initiated the tunnel outbound; nothing inbound is ever opened.

One server, many remote staff

Each practice runs one server and however many workstations it needs — including remote ones. They all reach the same authoritative database, see the same schedule, write to the same medical records.

WolfiePIMS Home Office WolfiePIMS Branch Office WolfiePIMS Mobile Vet (laptop) Cloudflare Tunnel wolfiepims.net acme‑veterinary.tunnels.wolfiepims.net Practice Server single source of truth

Multiple remote workstations all reach the same authoritative practice server through the same per‑practice tunnel hostname. The server doesn’t care where each connection comes from.

What WolfiePIMS staff actually do over this connection

Every WolfiePIMS feature works the same off‑site as it does on the clinic’s local Wi‑Fi. Some of the most common functions that make use of the wolfiepims.net tunnel:

Open the schedule See and edit today’s appointments, double‑book a walk‑in, reschedule a no‑show.
Look up a client or patient Type‑ahead search by name, phone number, or pet name returns the same matches as the front desk would see.
Add a new client or patient Register the family that just signed up at a community clinic event without making them re‑sign anything when they walk in next week.
Write SOAP notes Finish today’s charts from home, including dictation if your Mac supports it.
Review medical history Pull up the full medical and vaccination history of a patient before answering an after‑hours phone call.
Create estimates and invoices Build a quote for a client’s upcoming dental, or finalise an invoice that didn’t get out the door before close.
Take a payment Process a payment on an outstanding balance over the same secure tunnel; nothing about the payment flow changes.
Send statements and reminders Push out the month‑end statements run, or trigger an ad‑hoc reminder for a vaccine that’s about to lapse.
Update inventory Adjust stock counts after a shipment arrives at the clinic, or add a new product line.
Run AI‑assisted diagnosis VetBERT and ViggoVet tools that live on the practice server are reachable from a remote workstation, so even an older laptop with no local AI tooling can ask the server for a differential.
Vaccination certificates & rabies tags Print or email a certificate from the same template the front desk uses, with the same tag‑number sequencing.
Lab results File and review lab reports against the right patient regardless of which workstation receives them.
The list above is illustrative, not exhaustive. Anything WolfiePIMS can do at the clinic, it can do over wolfiepims.net — the only practical difference is that round‑trip times are slightly higher (typically a tenth of a second), which the application is designed for: live name caching keeps as‑you‑type lookups instant, and every database call runs in the background so the interface never blocks waiting for the network.

Security at a glance

  • Encrypted end‑to‑end. Every byte between the workstation and the practice server traverses TLS the entire way; Cloudflare cannot read the application traffic, only route it.
  • Outbound‑only at the clinic. The clinic’s server initiates the tunnel. No inbound port is opened on the clinic’s router or firewall, and no public IP is exposed.
  • No port forwarding. The old “forward 5432 to the clinic and hope for the best” model is retired. There’s nothing for an attacker on the open internet to scan.
  • Per‑practice isolation. Each practice has its own tunnel, its own subdomain, and its own credentials. There is no shared‑tenant database; one practice cannot see another’s traffic, even by accident.
  • Application‑layer authentication. The tunnel itself is just transport. WolfiePIMS still requires its own login, role, and password to reach any record — the same as it does on the clinic’s local network.
  • Revocable. A practice can revoke a workstation’s access at any time without the workstation having to be on‑site to be touched.

Getting started

If you’re a clinic running WolfiePIMS already, the remote‑access path is built into the application; no separate install of cloudflared is required on the staff laptop. Pairing a new workstation to a practice happens entirely inside WolfiePIMS itself; once paired, the workstation will reach <your‑unique‑practice‑id>.tunnels.wolfiepims.net automatically whenever it isn’t on the local clinic Wi‑Fi.

If you’re not a clinic running WolfiePIMS yet, the place to start is wolfiepims.com — that’s where the application itself, the user guide, the trial download, and the marketing material all live.