SSH reverse tunneling and ARD - Multiple clients?

Online now: Google [Bot], Kirk, maurvir, Pariah, Vulture
Post Reply
obvs My password is "contraseña"
Send private message
So I am trying to set up a bunch of external Mac systems to be controlled by Apple Remote Desktop, but the clients will be outside of the network.

So I am wondering about the possibility of setting up a reverse tunnel triggered by a Jamf policy so the Macs can connect to a server within the network.

My question is whether it will be possible for multiple IT team machines to control multiple externally-connected machines simultaneously, or whether it would require opening a range of ports.

I believe it would require opening a range of ports, and having each client connect to one port, and then having the IT team member connect to that same port on the server.
dv
User avatar
Pretty sure it'd be one-port-per-machine. Compellent did something similar for the Phone-Home support mode in its storage controllers, and we had to allocate new console servers as the number of customers grew.

I'd think a VPN client/appliance would be more supportable than a linux machine with a bunch of custom IPTables work, though.
obvs My password is "contraseña"
Send private message
:lol:

You haven't dealt with the security clown at my workplace.
dv
User avatar
obvs posted:
:lol:

You haven't dealt with the security clown at my workplace.


Well how do they do remote workforce stuff as it stands now? :squint:
obvs My password is "contraseña"
Send private message
They use a product from a company that could best be described as a "fly-by-night", and which I am migrating them away from as quickly as possible.
dv
User avatar
Well, if you want to keep it stupid simple, it won't be the cheapest option, but just get a Cisco or Sonicwall VPN appliance and use the appropriate client software to dial in.

When people are logged in, they'll have access to work stuff, and you'll have access to their stuff to apply updates/rules/profiles. (I've used both at different jobs - there are MacOS clients and they work fine. VPN clients are pingable from inside the corporate network.)
Subsequent topic  /  Preceding topic
Post Reply

SSH reverse tunneling and ARD - Multiple clients?