NoMachine and pfSense

Forums / General Discussions / NoMachine and pfSense

Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • #7110
    Avatarmilovan
    Participant

    Hello,

    I am evaluating NoMachine as a solution for external (out of internal network) remote connection. Basic idea is something like: developer 1 and customer 1 see shared desktop of developer 2 which is inside internal network in office. What I understood from documentation, to be able to have multiple connections on a single desktop, I need to have installed on Developer 2 machine Enterprise Desktop version. Right?

    But then, in office there are 10 developer machines behind pfSense router on a dedicated machine. To be able to let people from Internet to see a shared screen of those developers inside an internal network, I would also need Enterprise Server? Or can I configure somehow router to let those connections go in?

    I tried to do port forwarding, but I can bind only one machine on one port. That means for 10 machines I would have to bind 10 port forwards to hit desired developer machine. I also tried with uPnP but it didn’t work (I will give it one more try). So I believe it is not enough to open a port on router as external connection doesn’t know how to connect to precise internal developer station, because they all have internal IP addresses and external user has only our public IP. So I guess Enterprise server solves that or is there a way to configure router do it somehow? I feel like I am missing some pieces in this puzzle, even after I read all possible documentation and articles on NoMachine website. Any help to understand all right and get complete picture is much appreciated.

    Thanks in advance for response and help.

    #7124
    AvatarTom
    Participant

    Hello,

    If I understand your set up clearly, you have 10 developer workstations in your office on your LAN. You have customers/other developers which need to access one/some of/all these computers on your LAN.

    For each of the developer machines you want to provide access to/share desktop with you will need to configure your pfSense router to bind one port for each machine on the internal network.

    For example you can configure (on the router) port 4001 for Dev 1 machine and forward this port to the local IP address and port 4000 of the Dev 1 machine; port 4002 for ” Dev 2″  and forward it to the local IP and port 4000 of the Dev 2 etc.

    Customers can connect to Dev 1 using your external IP and port 4001. Many customers at the same time can connect to one port. Ports 4001 and 4002 are only an example and can be changed.

    For you pfSense router you can forward ports in menu “Firewall”, sub menu “NAT”, tab “Port Forward”.

    Click on the ‘+’ sign to add port forward.

    Set “Destination” to “any”.

    In “Destination port range” set the port to which you want to bind to first developer machine.

    In “Redirect target IP” set first developers internal IP for example 192.168.0.101.

    In “Redirect target port” set to “other” and write 4000.

    Save changes.

    After this you can connect to ‘Dev 1’ from the internet indicating in your external IP address and port xxxx in the player GUI.

    You need to set this up for all the computers, of course, giving another external port for each of them and internal IP.

    #7133
    AvatarBritgirl
    Keymaster

    For the products, you will need Enterprise Desktop on each of the machines that users will be accessing if you are just sharing the physical desktop. Additionally, Enterprise Server is recommended for those scenarios where tens and tens of desktops need to be accessed, so rather than configure your router as many times as you have desktops in your case, you could install Enterprise Server on one host as your entry point and configure your router once. Enterprise Server will then take care of forwarding to the appropriate remote ‘node’. This is documented in more detail here:

    https://www.nomachine.com/DT09K00058&dn=adding%20node#7

    #7140
    Avatarmilovan
    Participant

    Thanks Tom and Britgirl! My understanding is more clear now.

    However, I have one more question related choosing your Enterprise solution: all workstations here are on Linux (Kubuntu precisely). I noticed that specifically for Linux only, there is so called “Enterprise workstation” and for all platforms there is “Enterprise Desktop”. What is a difference between those two? I read your article https://www.nomachine.com/AR10K00702 which explains that Enterprise Workstation offers SSH support and multi connection on user’s machine (up to 4 connections at once). Is “Enterprise Desktop” solution provides some more features like more available connections or?

     

    Thanks again!

    #7148
    AvatarBritgirl
    Keymaster

    Hi milovan, Enterprise Desktop is for access to the physical display (Win, Mac and Linux are supported). It’s like the free version. The difference is that you are allowed unlimited connections to the desktop (for desktop sharing), and of course support. As you read in the article, Workstation is specifically for Linux and lets you run 4 Linux virtual desktops on the host. Also here, the connections are unlimited. E.g you can have 4 different desktop sessions running (they can belong to different users) on your Linux Workstation and as many other users as you want sharing those desktops.

    https://www.nomachine.com/product&p=NoMachine%20Enterprise%20Desktop

    #7162
    Avatarmilovan
    Participant

    Thanks Britgirl, so Enterprise Desktop is a right solution for me. Problem solved. 🙂

Viewing 6 posts - 1 through 6 (of 6 total)

This topic was marked as solved, you can't post.