Hi all,
I am looking at using ultravnc to support some remote servers... I have been using TeamViewer temporarily.
I have set up a machine behind the firewall that is running repeater and have port 5901 forwarded (for now, will change to a non default port eventually) and and seems to work.
Right now I am just using a simple password to test but will eventually move to a certificate base authentication I hope, if it works.
Although i am decently versed in network technology i am having a hard time understanding repeater mode I and mode II.
Can someone provide some real work examples of mode II. Mode I seems to be all i need? I just want to go through the repeater and hit all servers on the same network as the repeater.
Does mode II provide additional security, or is it for some other purpose?
Thanks in advance.
Update: UltraVNC 1.4.3.6 and UltraVNC SC 1.4.3.6: viewtopic.php?t=37885
Important: Please update to latest version before to create a reply, a topic or an issue: viewtopic.php?t=37864
Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://twitter.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc
Important: Please update to latest version before to create a reply, a topic or an issue: viewtopic.php?t=37864
Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://twitter.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc
repeater mode I and II
- Rudi De Vos
- Admin & Developer
- Posts: 6843
- Joined: 2004-04-23 10:21
- Contact:
Re: repeater mode I and II
Mode I
viewer 12.12.12.12:5000 and proxy/repeater your repeater
The repeater try to forward the connection to 12.12.12.12:5000
Repetaer need to be able to connect to the destination ip
Viewer is outgiong, server is listening
This is more or less the same as port forwarding
Security:
You need to proper define the allowed ports and ip destinations.
Mode II
viewer connect to repeater using an identifier
server connect to repeater using an identifier
The repeater cross streams when the identifier is the same.
You have 2 outgoing connection. Server and Viewer can be behind a NAT router
Security:
*Instead of using a high security repeater we put encryption on the server<->viewer data.
-The repeater vcan only read the initial identifier, but all other data is encrypted
That's why you always need to use the encryption modules
viewer 12.12.12.12:5000 and proxy/repeater your repeater
The repeater try to forward the connection to 12.12.12.12:5000
Repetaer need to be able to connect to the destination ip
Viewer is outgiong, server is listening
This is more or less the same as port forwarding
Security:
You need to proper define the allowed ports and ip destinations.
Mode II
viewer connect to repeater using an identifier
server connect to repeater using an identifier
The repeater cross streams when the identifier is the same.
You have 2 outgoing connection. Server and Viewer can be behind a NAT router
Security:
*Instead of using a high security repeater we put encryption on the server<->viewer data.
-The repeater vcan only read the initial identifier, but all other data is encrypted
That's why you always need to use the encryption modules
-
- Posts: 2
- Joined: 2020-01-19 06:12
Re: repeater mode I and II
Ok, i think i might understand.... So in Mode II the repeater might run in the cloud, not at the office. Therefore no need to forward ports at the office to the repeater.
- Rudi De Vos
- Admin & Developer
- Posts: 6843
- Joined: 2004-04-23 10:21
- Contact:
Re: repeater mode I and II
Mode II
No forward needed at office and home(client) as both connect to the repeater running in the cloud.
No forward needed at office and home(client) as both connect to the repeater running in the cloud.
-
- 40
- Posts: 68
- Joined: 2017-09-13 00:40
Re: repeater mode I and II
So when using the repeater it is *not* possible to make a "reverse connection" (i.e. SocketConnect=0), as can be done with a direct "server" <=> "viewer" connection?Rudi De Vos wrote:Viewer is outgiong, server is listening
- Rudi De Vos
- Admin & Developer
- Posts: 6843
- Joined: 2004-04-23 10:21
- Contact:
Re: repeater mode I and II
Mode II: Both are outgoing
Viewer or server can initiate the connection, a reverse connection is possible.
Mode I: server is listening, viewer is outgoing ( This act the same as port forwarding)
Viewer or server can initiate the connection, a reverse connection is possible.
Mode I: server is listening, viewer is outgoing ( This act the same as port forwarding)