Welcome to the MacNN Forums.

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

You are here: MacNN Forums > Enthusiast Zone > Networking > How to remote control my Mac... passing through a proxy

How to remote control my Mac... passing through a proxy
Thread Tools
ddregs
Forum Regular
Join Date: Jan 2000
Location: Milan, Italy
Status: Offline
Reply With Quote
Sep 4, 2007, 02:37 AM
 
Hi all,
my question is easier than it may seem.
My main company put navigation through a proxy whose filters are way strict. There is no way to force them to add sites back to the navigation. Sites like groups.google.com (I use them daily seeking help to develop my apps) are no more browsable.
So far, I was thinking of using my Mac at home, with its always-on DSL line, registering it through dyndns or something like that and remote-controlling it from work to use my Safari.
Is there anyone who can suggest me something to try, some sw or any other solution to this?
Tks a lot in advance
Attention, Roland V-Drums drummer here....
     
besson3c
Clinically Insane
Join Date: Mar 2001
Location: yes
Status: Offline
Reply With Quote
Sep 4, 2007, 02:52 AM
 
VNC will work (you can enable VNC by going to your Sharing pane -> Apple Remote Desktop, check this, and set Access Privileges -> set "VNC users may control..."

Then, you should be able to access your machine over display 0. If your home machine is behind a router, you will have to set your router to forward requests on port 5900 to your Mac.
     
ddregs  (op)
Forum Regular
Join Date: Jan 2000
Location: Milan, Italy
Status: Offline
Reply With Quote
Sep 4, 2007, 03:05 AM
 
Well, I already tried it this way. Tks for suggesting it
The problem is :
- at work only navigation ports are open (proxy server + firewall), therefore I cannot reach my IP address using a vnc client (it's not working on port 80).
- I tried changing port to my VNC server at home using 80. Then I retried connecting from work with vnc client but no way.
Attention, Roland V-Drums drummer here....
     
Simon
Posting Junkie
Join Date: Nov 2000
Location: in front of my Mac
Status: Offline
Reply With Quote
Sep 4, 2007, 03:44 AM
 
Can you open an ssh session (requires open port 22) from your work box to your home machine?

If so, tunneling would help you do what you want.
     
ddregs  (op)
Forum Regular
Join Date: Jan 2000
Location: Milan, Italy
Status: Offline
Reply With Quote
Sep 4, 2007, 04:29 AM
 
I'll have to try it. Never thought about ssh, never used it.
What should I do after verifying if it works? Does it allow to use a remote application on it?
Sorry about my ignorance on the subject.
Thanks
Attention, Roland V-Drums drummer here....
     
Simon
Posting Junkie
Join Date: Nov 2000
Location: in front of my Mac
Status: Offline
Reply With Quote
Sep 4, 2007, 04:45 AM
 
If you can open up ssh connections, you can tunnel all kinds of traffic through port 22 to your home machine.

As an example let's take VNC. Set up a local forward so you can tunnel VNC traffic to your home machine over port 22. All you have to do is add the following lines to the ~/.ssh/config file (if the file doesn't exist you'll have to create it):
Code:
Host tunnel User userName Hostname homeMac.dyndns.org LocalForward 5901 homeMac.dyndns.org:5900
where userName is your account on your home Mac. You'll need an address that points to your home Mac. This could be also an IP, but since most ISPs change your IP every so often, you'll likely want to use some kind of dynamic DNS service. In this example I assumed you use dydns.org and called your Mac at home homeMac. Hence the address to your home Mac would then be homeMac.dyndns.org. Of course if you have a static IP enter that in the forward address line. 5900 is the port VNC uses so that's the port we'll be forwarding to. I used 5901 as a port to forward from, but in principle you can use anything you like (of course it shouldn't already be taken by another service) as long as also use that port later on in VNC.

Once you have saved the changes to your ssh config file open a shell and type
Code:
ssh tunnel
and enter your password. Leave that shell window open.

Then, in VNC open up a connection to localhost:5901. You will then actually see the same thing as if you had been able to connect to homeMac.dyndns.org directly. Of course the machine you tunnel to and the destination machine don't have to be the same.*** You could for example tunnel to homeMac.dyndns.org but then set up a forward to homeMacNo2.dyndns.org if you want VNC to connect to that machine. The important thing is that the tunnel machine can 'see' the machine the forward points to and 'talk' to it on the designated port.

When you're done using VNC exit the ssh session to close the tunnel. That's it.

***) In principle you could achieve this without editing the ssh config file if you open up a tunnel with
Code:
ssh -NT -L5901:homeMac.dyndns.org:5900
but the advantage of using the local forward rather than a simple tunnel is that for the local forward the machine you tunnel to and the destination machine don't have to be the same. The regular ssh tunnel always forwards to the machine at the other end. The local forward can also 'bridge' - that is the machine at the other end can connect you to any machine it 'sees' and by that for example forward your connection to a machine on its LAN that you otherwise wouldn't see because it's hidden behind a router.
( Last edited by Simon; Sep 4, 2007 at 04:55 AM. )
     
besson3c
Clinically Insane
Join Date: Mar 2001
Location: yes
Status: Offline
Reply With Quote
Sep 4, 2007, 09:02 AM
 
Originally Posted by ddregs View Post
Well, I already tried it this way. Tks for suggesting it
The problem is :
- at work only navigation ports are open (proxy server + firewall), therefore I cannot reach my IP address using a vnc client (it's not working on port 80).
- I tried changing port to my VNC server at home using 80. Then I retried connecting from work with vnc client but no way.
If the SSH tunneling doesn't work, are you sure you setup your port forwarding on your router on port 80, and are you sure that you have setup your VNC server to listen on port 80? What happens when you do a:

telnet homenetwork 80?

(where "homenetwork" is the IP or dyndns hostname of your home network?"
     
rjt1000
Senior User
Join Date: Jul 2003
Location: Asia
Status: Offline
Reply With Quote
Sep 4, 2007, 09:53 AM
 
Originally Posted by ddregs View Post
Hi all,
my question is easier than it may seem.
My main company put navigation through a proxy whose filters are way strict. There is no way to force them to add sites back to the navigation. Sites like groups.google.com (I use them daily seeking help to develop my apps) are no more browsable.
So far, I was thinking of using my Mac at home, with its always-on DSL line, registering it through dyndns or something like that and remote-controlling it from work to use my Safari.
Is there anyone who can suggest me something to try, some sw or any other solution to this?
Tks a lot in advance
If you have access to port 22 you can use SSH to login to your home Mac and at the same time set up a SOCKS proxy on your home Mac that you access via the SSH tunnel.

You then set your office Mac's browser to use the SOCKS proxy.

If all you want to do is browse the web, this will likely give you much better performance than VNC.

My post in this thread details how to do it.

Also, if port 22 is blocked, you can change the port used by SSH to one that is open as mentioned here and elsewhere.
     
Simon
Posting Junkie
Join Date: Nov 2000
Location: in front of my Mac
Status: Offline
Reply With Quote
Sep 4, 2007, 10:17 AM
 
Good point, rjt1000!

If ssh traffic is possible and you simply want to bypass your company firewall to browse the web SOCKS is definitely the way to go.

There's a SOCKS pref in System Preferences > Network > Built-In Ethernet (or Airport if that's what you use) > Proxies > SOCKS Proxy.
     
ddregs  (op)
Forum Regular
Join Date: Jan 2000
Location: Milan, Italy
Status: Offline
Reply With Quote
Sep 5, 2007, 02:38 AM
 
Thanks for all your suggestions.
I will surely try with the proxy method first, all I need is surfin' the web using my Mac dsl line. I will do the first test tomorrow and give feedback.
Attention, Roland V-Drums drummer here....
     
   
Thread Tools
 
Forum Links
Forum Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Top
Privacy Policy
All times are GMT -4. The time now is 06:59 AM.
All contents of these forums © 1995-2017 MacNN. All rights reserved.
Branding + Design: www.gesamtbild.com
vBulletin v.3.8.8 © 2000-2017, Jelsoft Enterprises Ltd.,