Access to Mac endpoint

1 users found this article helpful

Resolution

Please note that this is not an officially supported solution from Awingu. This is a method to implement remote access, however usage of this method should be done at own risk. This article is designed to guide and assist with providing remote access to Mac client devices. This procedure can also be used for other VNC endpoint devices.

By default, connecting to a Mac device via Awingu is not possible as Apple Macs do not make use of the standard RDP protocol. There are many possible solutions for connecting remotely to a Mac via Awingu. Howeve, some are rather cumbersome and sometimes unreliable (xRDP, designed for Linux, but in some cases possible to use with Mac) and some are costly (third-party solutions for implementing the RDP protocol in a Mac device).

Mac does however make use of the slightly old-fashioned VNC protocol. It is possible to publish the (free) noVNC client on a Linux server, and implement this as a reverse proxy web app in Awingu. This provides a secure and easy VNC access to the Mac endpoint devices, whilst still ensuring the environment and the users are fully protected by all of Awingu's security features.

It's not necessary to install anything additional on the client device or the Mac endpoint.
This approach does require 1 additional Linux middle-man server for handling the VNC connections.

 

This guide will explain the process for configuring VNC access on a Mac, installing NoVNC on a Linux server, configuring NoVNC to provide connectivity to a VNC endpoint, and publishing this as a reverse-proxied web application in Awingu.

 

  1. Follow the instructions below on the Mac Endpoint to configure VNC connectivity on Mac
    1. Go to the System Preferences and under the Internet and Wireless heading, click on Sharing.
    2. Enable the Remote Management checkbox.
    3. Click on Computer Settings and enable “VNC viewers may control screen with password:”
    4. Provide a password and click “OK”.
    5. (Optional) Click on Options and enable any other permissions needed.
       
  2. On the  Linux middle-man server, launch a terminal command line. Enter the command below and press Enter to install the NoVNC application on the Linux server.
    sudo snap install novnc 
     
  3. Configure NoVNC as a service, so that when someone (or in this case the Awingu appliance) connects to a specific port on the Linux server via the web browser, NoVNC will automatically connect to a specific VNC endpoint (the Mac for example).
    This needs to be done with a separate service/port for every VNC endpoint.
     
  4. In the terminal command line, enter this command and press [Enter]:
    sudo snap set novnc services.n6082.listen=6082 services.n6082.vnc=172.22.2.154:5900 (example command) and press Enter.
    1. set novnc services.n6082.listen=6082 - This part of the command creates the service named n6082 and configures it to listen to port 6082 of the Linux appliance. For every additional VNC service, use another port number.
    2. services.n6082.vnc=172.22.2.154:5900 - This part of the command configures the novnc service n6082 to create VNC connections to the VNC host (in this example, the Mac device) 172.22.2.154 on port 5900 (default VNC port).
    3. The above details (the service name, port, VNC host IP address and port of the VNC host) will need to be adjusted if necessary.
    4. It's possible to list the currently running NoVNC services with this command: 
      sudo snap get novnc services

       
  5. Log in to the Awingu environment and open System Settings.
  6. Go to Manage Applications.
    Click Add > Reverse Proxied Web Application.
    1. Icon: Upload an icon for this web app
    2. Destination URL: http://<IP address of your linux appliance>:<novnc connection port>/vnc.html?port=80&host=<source host header>&autoconnect=1
      Example: http://10.1.10.123:6082/vnc.html?port=80&host=novncmac.example.com&autoconnect=1
      Important: The port here is configured as port 80 for connection. The host and port parameters in the URL above refer to the host header used to access this reverse proxied web application and the port number (typically this will be 80 (HTTP) or 443 (HTTPS))..
    3. Source Host Header: The host header of the URL which will be used for accessing this reverse proxied web application.
    4. User Labels: Add labels of users who need to be able to see this specific app in Awingu for the specific VNC host.
    5. Rewrite Content: Ensure this is set to Enabled.
    Name: Add a name for this web app
  7. Log out of and back into Awingu. Launch the new web app. This app will open in another tab, and should connect immediately to the VNC endpoint. It may be necessary to first enter a password in NoVNC. On the left-hand side, there are extra controls for shortcut keys, the clipboard, full screen, display scaling etc.

For each VNC endpoint: use the steps above, but use a different port each time (so not 6082 ).

 

Useful links:

Was this article helpful?

Tell us how we can improve it.