VPN Screen Sharing?

Similar Messages

• VPN, Screen Sharing & ARD?

  If I VPN into the corp network, then use Screen Sharing to control my corp Mac, can I then use ARD omn my corp Mac to control the rest of the corp Macs?
  I've tried it, but get an error when attempting to start ARD, something like "not authorized," probably having to do with running the underlying VNC both as client and server at the same time?
  Is there a workaround for this?
  TIA,
  Steve

  Hi Steve
  What I've done is this: VPN to a client's network. Use ARD to access the client's server. Then use the built in VNC (Leopard) to control another client mac on the same network. It's slightly strange but does works well.
  I've not seen the problem you've described?
  There is a performance issue with this. Works OK at some sites I support where bandwidth varies from 3.5Mbs to 6Mbs or even 7Mbs. At other sites bandwidth might not be much more than 1Mbs it's incredibly slow and not worth the bother.
  Tony

• Screen Sharing and VPN functionality with ARD

  Can somebody with ARD tell me if the following setup is going to work? There's no demo version so I can't tell if it's going to be worth 300 dollars.
  I have a number of local machines in a network and a couple external machines in other parts of the state that VPN in to the network. I want to be able to have a local machine that can screen share w/ voice reliably with these guys.
  "Reliably" being the key. iChat screen sharing and VNC alternatives do not work reliably at all. They crash, they are slow, they sometimes disconnect video and keep the audio. Or some days they work perfectly, but that's few and far between. Zero-conf services like MacHelpMate work just fine, but I'm reluctant to pay 600 a year for something like this.
  Is ARD going to be able to be able to fix this problem for me, or am I really just going to end up with more of the same issues?

  ARD uses VNC for observation and control, so if you're having problems with iChat screen sharing and with VNC clients, I would not expect that ARD would be any better. My suspicion is that your network and/or VPN are cutting things off, since most people have found iChat sharing and VNC to be pretty reliable, but without being able to perform reliability tests on your network to VPN clients, I can't say for sure.

• Remote desktop / screen sharing / VPN questions

  Hi all-
  OK, I am trying to set up our all-mac environment to do something in particular - but I am only 'novice' level at VPN stuff and 'noob' to the Apple Remote Desktop and Screen Sharing stuff. I already have screen sharing set up, and also have back to my mac set up - but these both seem to be 'whole computer' control methods, where the remote user takes over the entire target machine. I have a different need, but don't know what terms to use to describe it or how I might achieve it.
  Environment overview:
  2014 iMac, 2009 13" MacBook Pro, 2009 17" MacBook Pro - all running Yosemite.
  2013 AirPort Extreme handling the LAN, both wired and wireless. iMac is wired, MacBooks are wireless.
  iMac: Two users (UserA and UserB, both admins).
  MPB13: Two users (UserB as admin and UserC as standard).
  MBP17: Two users (UserA as admin and UserD as standard).
  I am wondering if this is possible to do, and if so - HOW? :
  UserB sits at the iMac, and is using it. UserA sits at MBP17 and wants to get something done on the iMac, so UserA logs into MBP17 as UserA then remotes into the iMac as UserA and does what they need to do in UserA's iMac account - without making UserB (who is still sitting at the iMac and using it) stop what they are doing.
  Hope this makes sense, and am looking forward to your input.

  UserA must have a user account set up on the iMac that is different from UserB. With this set up when UserA initiates a Screen Sharing session with the iMac from the MBP17 they will just need to log in with their user account. When they do that a dialog box will pop up asking if they want to share the display with the user currently using the iMac, in this case UserB, or if they want to connect to a Virtual Display, which would give them their own environment separate from UserB who is already logged in and using the iMac.
  Here is an example of the dialog box UserA should see when they attempt to start a screen sharing session with another Mac in which another person is already login in and using the Mac. In this case UserA will select the option to connect to the Virtual Display which allows them to work on the iMac without disturbing the user that is already using the computer. Note that the user already using the iMac may experience a slight performance hit because two users are using the resources on the one computer.
  As for the acronym VPN, it stands for Virtual Private Network which is a protocol for making a encrypted secure connection over a public network between two or more separate networks. Screen Sharing actually uses a protocol called VNC which stands for Virtual Network Computing.

• Screen Sharing through iChat over VPN

  Does anybody know how to make screen sharing with iChat work over a VPN? It used to work for me but now it only seems to work in one direction. I was testing it earlier today and this is what I saw:
  VPN client shares their screen with a machine on the physical local network - OK
  VPN client requests the screen of a local machine - Fails with "did not receive data error" after a brief audio-only connection.
  Local clients shares their screen with VPN clients - Fails with "dd not receive data"
  Local clients requests the screen of a VPN client - Fails with "did not receive data"
  The VPN is definitely the culprit, the machines can screen-share fine outside of it, and can curiously screen-share fine with the server on our local network when they are VPN'ed in, just not with each other. The server is running 10.5.4.
  Anybody have any experience in making this work?

  Livebox devices tend to be actually made by Sagem
  See this list http://portforward.com/routers.htm
  IS the model you have listed ?
  It may help if the ports are opened by UPnP as Screen Sharing tends to use more random ports that basic Video/Audio chats.
  10:23 PM Monday; January 21, 2008

• Can you use screen sharing outside of your local network?

  I've been poking around with the "screen sharing" in osx Lion. I have a few questions about it.
  Firstly, is the built-in screen sharing only accessible through the finder?
  Also, is it only available on local networks? I've gotten it to work on two computers on the same network. But, can I use in the built-in screen sharing to look at my work iMac while I'm at home on my Macbook? Or would I need a full VPN client to do this? (Although isn't there built-in VPN compatibility in Lion?)
  Thanks!

  Go here..
  https://discussions.apple.com/message/16439571#16439571
  ... and read my post explaining the different ways to share your screen.  Things should be a little clearer for you, I hope.
  Bob

• Upgraded to Yosemite and can no longer remote into my work iMac through screen sharing- it is turned on in settings?

  My screen sharing functionality did not show up in the dock with an updated icon.  It had a question mark- shows my connections but nothing works, I did make sure screen sharing is on and also connected to VPN.  Once I tried to launch screen sharing nothing happens.  Such an elegant solution in Mavericks not does not work. Ugh. Help!

  This is the post that got me set up- I too am running an older version at work vs. Yosemite. As soon as I followed is advice everything worked.
  Upgraded to Yosemite and can no longer remote into my work iMac through screen sharing- it is turned on in settings?
  I believe the location of the "Screen Sharing" app has changed, which explains why if you had it in the dock it has been replaced by a ?
  Don't forget you can launch screen sharing (once your VPN connection is up) by typing in the Safari destination slot vnc://remotemachinename:portnumber  (omit the :port number if you are using the default VNC port, 5900).  This should launch Screen Sharing and put its icon in the dock.  You can drag the Screen Sharing icon to the left of your dock and it will hopefully remain there after you exit Screen Sharing, or you can right-click on the icon when it's running and select Options->Show in Finder to find out its new location and drag its icon to the permanent entries in your dock.
  Hope this helps; worked for me.

• Screen Sharing works for alien hosts but not for LAN hosts

  Hello!
  I am having a really strange problem in a customer network. The network is a local private network with one MacOS Server 10.6.8 and around 12 iMacs running MacOS 10.6.8. The server is running headless in cellar so the user maintain the backup via screen sharing from an iMac to the server.
  Since a few weeks they can not login to the server via screen sharing from any local host BUT I can login from my MBP (alien) via ARD or Screen Sharing without any problem. Even hosts connected to the network via VPN can connect to the server via screen sharing.
  In short:
  Every local host gets a message that login is not possible and my MBP and VPN-hosts get connected without any problems with the same credentials.
  At the local clients I get this message in system.log:
  Oct 28 09:33:41 verwaltung1 LKDCHelper[228]: Starting (uid=501)
  Oct 28 09:33:48 verwaltung1 com.apple.launchd.peruser.501[166] (com.apple.Kerberos.renew.plist): Throttling respawn: Will start in 530 seconds
  Oct 28 09:34:17 verwaltung1 /System/Library/CoreServices/RemoteManagement/AppleVNCServer.bundle/Contents/Ma cOS/AppleVNCServer[195]: CGSKeyTranslateInitialize: KLGetCurrentKeyboardLayout or KLGetKeyboardLayoutProperty is not available, fall back to USA keymap
  and at the server I get:
  Oct 28 09:33:48 solserv AppleVNCServer[11503]: no such user: adminloc@LKDC:SHA1.DE03ABCC86F74D11AD139E44388D6B94155B4D9E: 2
  When I connect from VPN or my MBP I get no messages in system.log.
  I tried to kickstart ARD at the server but it does not change anything, I bound the clients to OpenDir of the server with no effect also.
  I do not have any idea what is happening here. Every help is welcome,
  Christop

  Hello MrHoffmann!
  changeip says "The names match. There is nothing to change."
  To give more infos, the server and all the clients are connected to the same network switch, all belong to 192.168.183/24 and when I use my MBP, it is connected via WLAN and gets an IP-address from this server with an IP from this range. my MBP is in the same broadcast domain.
  VPN clients connect via PPTP to the gateway (192.168.183.1) and get IP addresses assigned from 192.168.183.48-52.
  There is no routing between the clients and the server.
  There is no other problem - every client reaches the server for file serivces (AFP/SMB), smtp, imap, DHCP and DNS.
  BTW. screen sharing from the clients worked without a problem when I first setup the network about 1 year ago, but since a few weeks no client that belongs to this network can use screen sharing except for my MBP when I am at customer site.
  History:
  The new SLS is a replacement for an old Windows 2000 Server. Both servers ran in parallel for some time but within different IP-networks (all Macs at 192.168.183/24 - all Windows at 192.168.2/24) the gateway routed between both networks. But now it is time to switch off every windows computer because every service now runs at the SLS. AFAIK the windows 2000 Server is the last Windows machine in the network. We switched off DHCP at the windows server and switched on DHCP at the SLS a few weeks ago. Hm .... maybe there is something wrong? But the clients have fixed ip-addresses.
  Still wondering what is going on here, bye,
  Christoph

• Screen sharing doesn't work without a gateway

  I'm back from a short trip and find that my gateway died in the meantime.
  I have a LAN with quite a few Macs, some of them being Mac minis used as servers with no attached screens.
  I can't use screen sharing anymore on my LAN to control any Mac that has not been set up to use my failover gateway. Only the Macs whose network set up has been changed to fully use the failover gateway can be controled. Unfortunately, this gateway and has limitations not allowing me to use it with every Mac/iPad etc. here. If I set up a Mac to use the failover gateway, but with no internet access allowed, that Mac remains uncontrolable with screen sharing.
  So I'd like someone more experienced to answer these questions:
  - How is it that an operational gateway with a working internet access is mandatory for LAN screen sharing ?
  - Are authentication services responsible for the troubles here ?
  Help would be greatly appreciated,
  JM

  While I understand the terms, I do not yet fully understand what your IP network looks like.
  By "usual gateway", are you referring to a hardware device — commonly called a "gateway router" — that's been replaced here, or to the IP gateway settings present within most (all?) hosts on an IP network?
  IP needs a gateway for traffic outside of the subnet.  That commonly includes DNS traffic, either from the DNS server(s) on your LAN, or for IP hosts that are communicating more directly.  This can also include determining the source of in-bound IP traffic, as that involves DNS translations.
  Swapping gateway routers can also sometimes require flushing the ARP caches, depending on what hardware and software is involved.  (Normally the new device will broadcast that on the LAN and thus update the caches, but sometimes things get a little wonky.)  This if it's at the same address.  If it's at different addresses, then the DHCP server, DHCP clients and static-addressed hosts all need to be updated.
  In general (and because I'm not certain of your configuration), I prefer to avoid using Macs as IP routers, as they're expensive for and comparatively clumsy at that task.  I prefer to use dedicated devices for that, and often preferanly including an embedded VPN server as I'd mentioned earlier.
  Again, I'm not clear about your configuration, so the above might not address your question.

• Is there a single click VNC/screen sharing server for OS X?

  First, if this is posted in the wrong section then please forgive the error and relocate the post to the appropriate section.
  I'm looking for a small distributable single click screen sharing system for tech support purposes. I generally support Windows users but sometimes need to quickly gain access to remote OSX systems from fairly clueless users. Every minute I spend explaining something that the user does not want to know or does not need to know is a waste of our mutual time. Thus I'm looking for something similar to UVNC single click for OSX. That is a distributable VNC server reduced to about 250KB or less that can be configured to automatically connect to a listening viewer on launch.
  Is there a program or perhaps an executable script file that will initiate such a connection?

  Start with Applications -> Automator. You can have it "Record" the setting up of the VPN server of your choice.
  Then there is AppleScript, but for me that generally requires a book and Google searches to find examples close to what I want to do.
  It may be possible to do some stuff via Unix shell scripts (sh, bash, awk, perl, python, ruby, etc...) and then invoke this via an Automator action, an AppleScript command, or just wrap the shell script using Platypus (search Platypus at VersionTracker.com).
  If you need to configure the customer's Mac OS X firewall, that might also be an Automator action, or since the firewall is really the Unix ipfw (man ipfw), that could be a use for shell scripting.
  If you need to fetch stuff from the web as part of your installation, you could use something like /usr/bin/curl in a shell script.
  Setting up automation can be difficult and I'm not making light of the task. What might look like a good approach may find that the last 5 inches just can be done and you have to back track and use something else. And then there are the variables created by the fact that every customer will be different and you will find that some expected situation doesn't exist because the customer has customized something.
  NOTE: The Vine Server (aka OSXvnc) can be setup to make a reverse connection. It may even be possible to use an Automator script to setup that connection for you, specifying the address.of.your.VNC.client and port number you are using.
  Or create an AppleScript (which might be more robust than Automator).
  Or establish an example reverse setup, then using "ps -axlww" see what the actual server command line looks like, then create a shell script wrapped by Platypus to do this for the customer.
  OK, your turn to go chasing down dead-ends and practice backing out. After all you are the one that is going to get paid, I'm just doing this for fun
  However, if you need to configure a customer's router that could be a problem as every darn one of them is different.

• Screen sharing without permission under mavericks?

  Googling didn't give me a decisive answer, and I expect the answer is "you can't", but thought I'd ask here to save others the trouble.  The question: How can I set up screen sharing on my home network so that I don't have to go downstairs or upstairs an accept the screen sharing request every time I want to share a screen on another machine on my home network?

  Found the solution.  Go ahead and choose The Log In option.  You will get a new session on the remote Mac.  Now, choose Log Out from the Apple menu and then login with the user credentials on the Mac (the Remote Mac's user credentials).  You will then get the session that exists for that logged in user.
  I work in an active directory domain environment (my work iMac is on the domain and I log in with an AD account), this works for me (after establishing a VPN). 
  It is a little trouble to always have to choose Log Out, but a much cheaper solution than Apple's Remote Desktop software.

• Screen Sharing.app fails through ssh tunnel with "You cannot control your own screen"

  I need to control a remote Mac mini running 10.7 through an ssh tunnel.  I've set up ssh with -L for the appropriate ports, and bound my local ports 5900 and 5800 through this.
  When I connect to 127.0.0.1 with Screen Sharing.app on my macbook pro which runs 10.8.4, it says "You cannot control your own screen" however, screen sharing is not enabled locally on my machine, I'm trying to access a remote machine.
  I tried something else.  I created an alias IP of 127.0.0.2 on lo0, and tried again, and got the same thing, so it's doing an ifconfig and looking through all the IPs to see if the IP address of what I'm trying to connect to is bound locally, which defeats the purpose of tunneling through SSH.  I don't wish to setup a VPN.
  How do I let the Screen Sharing.app know that I'm not trying to connect to my own machine and it should skip this check.
  I've also tried with another app, Chicken of the VNC, and that almost works.  It connects and shows a login screen desktop to the target machine, but I'm unable to click on any of the account icons displayed in order to login, and all key presses such as tab, space, and enter are ignored.
  When at the location (on the same vlan as the target machine) I'm able to remote into it just fine with screen sharing.app, but Chicken of the VNC has the same issue of showing a login screen, but not allowing logins to it.

  Your ssh command should look something like:
  ssh -L 22590:localhost:5900 remove.mac.system.address
  Then you connect using
  Finder -> Go -> Connect to server -> vnc://localhost:22590
  Have you been doing anything close to that?

• ARD and Screen Sharing?

  I want to be able to provide screen sharing access for my users when the connect via VPN however when I switch screen sharing on I can't use ARD to administer their machines.
  Is there a way around this?

  You don't/can't enable Screen Sharing when using ARD. When using ARD, screen sharing is handled by clicking the Remote Management box in the Sharing system preferences. You can't have one or the other.

• Lync 2010 Screen sharing issues.

  hi all i am working on resolving a long standing problem that i have inherited form the previous admin.
  our Lync2010 infrastructure for the most part works great the only issue being when external users trying to do screen sharing and file transfers.
  after doing some testing with sharing and file transfers with at different locations this is what i have found.
  Internal ---> Internal ---- Works
  Internal ---> External ---- not work 
  Internal ---> External(On VPN) ---- work
  External ---> Internal ---- not work
  External ---> External ---- not work
  i checked the infrastructure setup.
  Public DNS A record AV.extdomain.com that points to an IP of our firewall 
  Firewall then NATS's the traffic on that IP to an IP allocated to the  NIC on the edge server in the DMZ over ports 443 / 3478 / 50000 - 59999
  AV.domain.com ---> xxx.xxx.183.117 ---> xxx.xxx.112.117 443/3478/50000-59900 (TCP + UDP)
  oddly when monitoring this i cant see any traffic flowing on this rule (this could be the issue)
  having reviewed some of my logs i found this entry with Snooper
  ms-client-diagnostics: 23; reason="Call failed to establish due to a media connectivity failure when one endpoint is internal and the other is remote";CallerMediaDebug="application-sharing:ICEWarn=0x80020,LocalSite=10.26.160.198:4481,RemoteSite=192.168.254.147:1552,PortRange=1025:65000,LocalLocation=1,RemoteLocation=2,FederationType=0"
  Content-Length: 0
  i also cant telnet onto the public IP of av.extdomain.com xxx.xxx.183.117 over 443 or 3478 or any of the others ports.
  am i right in thinking that AV ip address should be accepting connections over those ports and as it is not that's my problem?
  i may have answered it my self just wanted a 2nd opinion.
  Many thanks
  Gordon

  Some quick thoughts: Make sure those ports are bi-directional, meaning you have access both out and back in.  Make sure the NAT for those IPs works in both directions, meaning that if you nat 183.117 incoming to 112.117, then 112.117 on the way back
  out looks like 183.117.  Make sure that 3478 is UDP, not TCP.  Take those ports all the way up to 59,999.
  All that said, you should be able to telnet to av.domain.com on 443 from the outside and get a connection.  You won't get a result from a web browser as this isn't https, but a telnet should at least connect.  You won't be able to telnet to 3478
  because that's UDP, the other ports are dynamic so don't worry about them for now.
  Check out James Cussen's tool here for port testing:
  http://www.mylynclab.com/2014/02/lync-edge-testing-suite-part-1-lync.html
  Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
  SWC Unified Communications

• Screen sharing privacy....?

  Is there any way to lock the remote screen?  Our security admin will not allow VNC on our VPN for Mac screen sharing as screen on controlled Mac turns on and anyone can watch what you are doing.  Any ideas?  Guessing may need to install Third Party software.
  Thanks in advance.
  Andrew

  I don't have an answer to that question, but your security admin really ought to be aware that having untrusted people around machines with sensitive data is inherently insecure.  If the concern is that janitorial staff or whatnot may be able to get access to sensitive data after hours, note that they could do that already with nothing more than a hard drive containing Mac OS X, unless the data is encrypted somehow.  The same would be true of Windows.
  So if your admin's concerns are justified, you obviously need something more secure than screen sharing, but you also need some form of encryption in place, if you don't already.