How To Admin my Home Mac from Work Windows! Proxies and Firewalls Everywhere!
July 14, 2007 11:14 AM   Subscribe

I need a little help setting up remote admin (VNC) access for Mac OS X 10.4.10 from a Windows client at work. Firewalls on both ends, significant port restrictions at work, and

FYI, I've googled this into the ground. The closest I've come to something useful is this post, this post, and this one on, but a lot (read: most) of the crucial concepts are just not sinking in for some reason. Hope Me!

Here's my setup:

1 - Mac OS Tiger computer (acting as a file server) in my home router's DMZ with SSH and Remote Access turned on in the Preferences. Complicating note: I'm presenting SSH over both port 22 and port 443 for reason listed below.

2 - Windows XP Pro desktop at work with local system admin privileges in place. I have both Putty and UltraVNC installed and running. Our proxy only allows outbound connections from ports 80 and 443, hence the complication at home. No big deal, only took about 2 hours and much hair pulling to figure out.

3 - Have successfully set up a account pointing to my home IP, no problem.

Right now, I can connect from work with a Putty session via myurl.blah.blah:443 (to get through my proxy) and it works fine. W00t! I'm badly stuck at the next step, though; how do I then successfully connect with a VNC client from work to port 5900 on the home Macintosh?

Other notes: I have remote access to my desktop at work via RDP using a Java implementation of a Citrix client, which works fine, so I can accomplish all of my config and testing from home. Which is pretty cool, if you ask me.

Thanks in advance, all.

(I know I ask a lot of questions, but my life is so much better thanks to Y'all rock.)
posted by ZakDaddy to Computers & Internet (5 answers total)
Best answer: I suggest using Vine Server to serve VNC from the Mac.
Then you use PuTTY. Set up the host and port under Session, then go to SSH>Tunnels to add source port 5900 (or whatever) and destination localhost:5900 (or whatever port).

Then use VNC Viewer on your work computer to connect to "localhost". Affix a port if you used one other than 5900.

Let me know if you need more help...I've messed around with this stuff a lot lately.
posted by likedoomsday at 11:40 AM on July 14, 2007

Install a SSH tunnel program (the command line ssh client in cygwin, putty can do it as well I think, or tunnelier which I use) and forward a local port (5900 is the obvious choice, but others works as well) through SSH to port 5900 on the MacOS host. The connect to localhost with the VNC client instead of trying to connect directly to the server. That you are connecting to the SSH server through 443 instead of 22 might complicate things, but it should work anyhow.

In this case, SSH (which you got working) will locally listen to the VNC port and when connecting to it will open a connection to your home machine and from there make a new connection locally to the VNC server. There are three different ports and two different host addresses, so getting everything correctly can be tricky. Basically, what you want is:

Listen on port 5900 on the localhost, connect to myurl.blah.blah on port 443, connect to localhost (you are on your home server now) and port 5900.
posted by rpn at 11:49 AM on July 14, 2007

Best answer: likedoomsday describes the settings necessary for putty, although I had to enable "Local ports accept connections from other hosts" to get it to work. Don't know why though, it shouldn't be necessary...
posted by rpn at 12:05 PM on July 14, 2007

Can you use Hamachi and just "bypass" the firewalls between the machines?
posted by JaredSeth at 4:57 PM on July 14, 2007

Response by poster: Rats. Hamachi looked great, but gets flagged and blocked by my employer's netfilter (which is, admittedly, quite efficient; I never have a problem getting to the stuff that actually applies, you know, to my job. :) )
posted by ZakDaddy at 11:40 PM on July 14, 2007

« Older '80sTVMovieFilter: Does anyone remember the title...   |   Can I modify my window mobile home screen... Newer »
This thread is closed to new comments.