ARD setup for two macs over the internet

Discussion in 'Mac OS X Server, Xserve, and Networking' started by ServiceTag, May 10, 2017.

  1. ServiceTag macrumors member

    Joined:
    Oct 21, 2008
    #1
    want to remotely control two Macs in the office (MacMini's with 10.10.5) over the internet from other two MMs, each has own ARD
    After Port Forwarding 5900&3283 ports (using ATT/Arris router NVG599) I could make it to work but only for one at the time, not for both...
    Asked Apple for help and was told it won't work unless I have static IP@..

    So I got static IP@ but I'm newbie in network setup so I'm lost here how to set it up.
    I will appreciate any help to make it work.
    TIA
     
  2. Marshall73 macrumors 6502a

    Marshall73

    Joined:
    Apr 20, 2015
    #2
    Would it not be easier to setup a site to site vpn?
     
  3. belvdr macrumors 603

    Joined:
    Aug 15, 2005
    #3
    So, you have two Minis in the same office and you want to remote control either one of them, correct?

    I am not familiar, at all, with ARD, but I know you cannot forward the same port to two internal IPs.

    You need to port forward two separate ports, say 3283 and 5900 to Mini 1 and 3284 and 5901 to Mini 2. Those will each forward to 3283 and 5900 on each Mini.

    For example:
    1. WAN port 3283 -> Mini 1 port 3283
    2. WAN port 5900 -> Mini 1 port 5900
    3. WAN port 3284 -> Mini 2 port 3283
    4. WAN port 5901 -> Mini 2 port 5900
    Now, if you can specify the ports on the ARD client, you should be able to accomplish this.
     
  4. ServiceTag, May 10, 2017
    Last edited: May 10, 2017

    ServiceTag thread starter macrumors member

    Joined:
    Oct 21, 2008
    #4
    port forward for those two separate ports in Arris router is giving me headache...
    Under Custom Services I have following and it's working for Mini1:
    Name Global Port Range Protocol Host Port
    ARD 3283-3283 TCP/UDP 3283
    ScreenShare 5900-5900 TCP/UDP 5900

    When I did this for Mini2 it didn't work, but I'm sure I have it all wrong since
    that gave me "Pinhole Conflict Detected" error..
    ARD2 3284-3284 TCP/UDP 3284
    ScreenShare2 5901-5901 TCP/UDP 5901

    However this combination have no errors but it doesn't work either
    ARD2 3283-3283 TCP/UDP 3284
    ScreenShare2 5900-5900 TCP/UDP 5901


    Thank you for help.
     
  5. belvdr macrumors 603

    Joined:
    Aug 15, 2005
    #5
    Yes, the second set is incorrect, but you are so close.

    From what I gather, ARD listens on 3283 and 5900. So, both Minis are listening on the same ports on the LAN. On the WAN side, you must use unique global ports, but they forward to the same host ports, but to different IP addresses.

    You want the outside WAN ports (3284 and 5901) to point to the LAN ports 3283 and 5900 on Mini 2.

    Here's a guide:

    http://screenshots.portforward.com/routers/Arris/NVG599/NAT_Gaming_Custom_Services.htm

    Global Port = 3284, 5901
    Base Host Port = 3283, 5900
     
  6. ServiceTag thread starter macrumors member

    Joined:
    Oct 21, 2008
    #6
    so for Mini2 I need to have ARD2 Global Port Range 3284-3284 with Host Port 3283 and Screen Share2 5901-5901 Base Host Port 5900? Is that right?
    I'm getting Pinhole Conflict Detected XXX error..
     
  7. belvdr macrumors 603

    Joined:
    Aug 15, 2005
    #7
    I found something, and it's not good:

    https://serverfault.com/questions/7...s-nvg599-results-in-pinhole-conflict-detected

    Specifically:

    This means AT&T's image for that router doesn't support the base host port being the same. I have never heard of this issue before on any other router.

    The only way around this with the current router would be to move the ARD ports on the Mini to 3284 and 5901. I'm not sure that's even possible.
     
  8. ServiceTag thread starter macrumors member

    Joined:
    Oct 21, 2008
    #8
    Oh men, that's not good news. So 5 static IPs are not going to help in this issue either, correct?
    Last time I talked to Apple I think they mentioned ARD can't work on anything but 3283 and 5900 ports..
    I guess I'm out of luck. I guess the only option would be to get another router?
     
  9. belvdr macrumors 603

    Joined:
    Aug 15, 2005
    #9
    Static IPs are not the issue. I'd check with AT&T to see what routers they support and see what's possible.
     
  10. ServiceTag thread starter macrumors member

    Joined:
    Oct 21, 2008
    #10
    OK, I will do that and see what they say. Thank you Sooo much.
     
  11. Flint Ironstag macrumors 6502a

    Flint Ironstag

    Joined:
    Dec 1, 2013
    Location:
    Houston, TX USA
    #11
    This is your easiest solution.
     
  12. Longer Lane macrumors member

    Longer Lane

    Joined:
    Oct 30, 2015
    #12
    Just to trow in my $0.02:
    If you use external ports MiniA(3283,5900) and MiniB(something else 1, something else 2), you need to specify in ARD on the controlling machine, that you are using ports (something else 1, something else 2).

    Re Pinhole error:
    Can you put the Arris into bridge mode and then use an Airport Extreme as your firewall/router?
     
  13. Marshall73 macrumors 6502a

    Marshall73

    Joined:
    Apr 20, 2015
    #13
    I don't mess around with cheap routers so i always have some sort of VPN access available. If it's 2 offices for the same company then a site to site vpn is a fairly sensible option. Opening ports to the outside world isn't really a good idea these days.
     
  14. satcomer macrumors 603

    satcomer

    Joined:
    Feb 19, 2008
    Location:
    The Finger Lakes Region
  15. belvdr macrumors 603

    Joined:
    Aug 15, 2005
    #15
  16. satcomer, May 18, 2017
    Last edited: May 18, 2017

    satcomer macrumors 603

    satcomer

    Joined:
    Feb 19, 2008
    Location:
    The Finger Lakes Region
    #16
    Yea I know but an offical document to all the ports an Apple user might need to put through a third party router!

    Plus I did see maybe using something like GreenWorldSofts VPN Server/client.

     
  17. Les Kern macrumors 68040

    Les Kern

    Joined:
    Apr 26, 2002
    Location:
    Alabama
    #17
    Unless you need the specific functionality of ARD, why not just make the Mini's use Teamviewer?
     
  18. adam9c1 macrumors 65816

    adam9c1

    Joined:
    May 2, 2012
    Location:
    Chicagoland

Share This Page