There are some jobs... that you just don't wanna go half way across town for... or perhaps... I just don't wanna go out.

Either way, I've been thinking of investing in Apple Remote Desktop for quite some time now, yet am hit by several impasses.

1. I know buggerall on how to use it as I've never used the software, or anything like it.

2. Firewalls.

Now it doesn't necessarily have to be ARD.

Chicken of the VNC appears to do the same thing, yet for .... free!

However... I'd still be up against the old Firewall problem.

Then had a play around with HamachiX - and yes - this sneaky little bugger will get round most Firewalls... but... it does not look like it can really do... the kinds of things that ARD or the Chicken can do.

But I may be wrong.

Either the Chicken or ARD, if there were no Firewall in the way, could make it possible to service customers who's current Mac problems are miniscule - and a lot of them are - like:

"Hi - I'm in iPhoto and I can't see my Library."

And quite often, there are certain customers who either ... can't listen and follow instructions - or - don't want to and demand a call out.. and I'm 40km away.
Using a Remote system so that I could clearly see and access what they are seeing, would be spendiferous. It would also allow me to talk to them on the phone, while they watched what was happening on their screens.

HamachiX certainly appears to bust a hole through the Firewall... but then the applications on the other machine seem to see me as if I were another user - so for instance, if the problem was with Entourage, double-clicking Entourage opens a whole new e-mail account - and HamachiX doesn't show me their screen - shows only what you'd see if you networked one Mac to another.

I'm really a visual person and my tiny brain just cannot cope with seeing code - which is why I avoid the Terminal where possible... regardless of how amazingly useful it is.

Ideally, what I'd love is a cross between HamachiX and either Chicken or ARD.

Or... getting back to the Terminal - which in all honesty is not my field, some kind of command that could be typed in, that would instantly reveal a customer's Dynamic IP Address, which could then be made into an a tiny Application, placed into the Dock, and when a problem crops up and they call me for help, I could ask them to click once on this App - they read out the numbers it displays, I type the IP into either the Chicken or ARD, and I have a connection with their Mac OS X computer from... anywhere.

Any ideas folks?

PS: Complex networking language confuses me. The whole thing confuses me. All I know is that I don't wanna travel 10 km away to do a job that takes 5 minutes - and yes - I know I can charge for it.... I just have no desire whizzing from one end of Sydney to the other... for... very small tasks.

cheers,

cw

For ARD you just need to forward the right ports on your router and allow the same again in your Firewall. Ports 3283 and 5900 should do it. Then you can add more if you want AFP access say, so that you can mount their hard drives as well if needed. Check out this document on OS X Server (should be relevant) - http://images.apple.com/server/pdfs/...ices_v10.4.pdf

ARD is worth it....as always there are free alternatives but ARD lets you do other stuff like remotely install apps, patches, command line scripts etc....all in one neat package.

Unfortunatly there isn't a trial version so it's not like yu can test it for a week or two before plonking down the cash.

Bartron

What about their unknown and forever changing dynamic IP?

Yes - tis a pity one can't download a demo version to screw around with before forking...

cw

Get them a free dyndns or no-ip account and configure their router's dyndns support if it has such a thing, to update, or install the software provided if their router doesn't support dyndns. The dyndns software will run hidden so it updates without them knowing it.

The ports you need to forward are: 22, 3283 & 5900. Make sure that their network is set with a static IP on their mac so that you know which internal IP to forward to, if they are using a router.

clocky,

i use chicken of the VNC to control my mac mini HTPC - works fine for that, i have also set up my mothers macbook in melbourne so i can access it remotely - basically for exactly the reason you mention. well, except i have to fly for about 8 hours to get their to show her how to use finder or whatever!

anyway what i found is that while there is a bit of lag or latency even on the home network, CotVNC is virtually unusable over the distance of my connection to my mum.

as far as the IP's thing goes i just installed an IP widget on their macbook - http://cip.physik.uni-bonn.de/~maahn/

cheers

First of all running VNC across the Internet is a Very Bad Idea (tm). The protocol has piss-poor security. There is a commonly recommended way around this problem, and that will take care of your dynamic IP address issue as well: run VNC through an SSH tunnel.

This will also save your clients from having to poke holes into their firewalls for accepting incoming connections from you. All they need is the ability to make outbound SSH connections. You'd have to allow SSH connections to your support host.

Here's how:

1. Generate a SSH key pair on your support machine, distribute the private key to your clients, and add the public key to ~/.ssh/authorized_keys. In the terminal:

2. Add an unprivileged user "support" to the support host. Append the public key to support's list of authorized keys. For that, login as support on the support host, and:

3. Secure the support account by removing shell access from it. As root on the support host:

4. Send your clients the file "support-key"

5. Get them to execute this command line (or hide it away in an AppleScript or whatever):

(replace cwo-support.iinet.net.au with whatever your support host is called)

6. Once they've done that, open CotVNC and connect to cwo-support.iinet.net.au, display no 5

Bingo! That's how I would do it.

Cheers
Steffen.

EDIT: fixed the cmd line in step 6

Dotnet - I believe everything you've written. I just don't understand it.

Okay - pretend you're talking to... a plastic bust in a bowler hat with one eye - or... better still: a small child.

On steps 1 through 6 - which is to be executed, on who's Mac? Their's or mine? And what app would I be using beyond stage 6? CotVNC?

I did warn I was easily confused...

cheers,

cw

PS: I ... reaaaally... like... cheeeeese...

Pretty much as stated, 1, 2 and 3 on your support host (which can be pretty much any old Unix box, unloved Mac, whatever, as long as it has SSH and is on your LAN). Step 5 is what you tell your clients to run on their box when they need remote support.. Step 6 from your Mac.

Well, step 6 gives you a remote desktop session on your client's Mac. What you do with that is up to you.

I forgot to mention, your clients have to run a VNC server on their machine, but that goes without saying, doesn't it?

Cheers
Steffen.

ARD is better than VNC and allows remote installation of apps, data collection and the ability to chat with the user and so much more

http://www.apple.com/remotedesktop/

It is also compatible with VNC but of course it will only function as well as another vnc client when connecting to a vnc server.

you could always let a mate with a copy show you it or give you a go

Don't download a vnc server if you want to use VNC. macosx has VNC built into the ARD Server in the sharing prefs pane.

One thing that I find useful to find a client's public IP address is to tell them to point their web-browser to whatismyip.com.
Port forwarding is still needed though.

I've looked at this previously. It is hard to set up, well, at least it was hard for me to get going.

If all else fails theres iChat/email and Apple - SHIFT - 3.

I have purchased software which is supported by the vendor remotely.

He uses ARD and a concurrent phone call (landline or skype) - I've noticed ARD is a bit slow to refresh at his end.

IP addresses (internal and external) are easily got at the client end using iStat Nano (great Oz widget, by the way!).

Just had to allow port forwarding at the ADSL router (client end) - would be a fiddle if the client had no idea about these things, but do-able. Ports as mentioned above.

Still secure - I (client) still have to authorise the request to view and/or control my computer.

I use SpyMe:
http://www.readpixel.com/spyme
Especially good is the daemon pref pane, internet cafe mode, and the support centre features.
Ports are configurable, so I got around the firewall, by piggy-backing on an established port.
Oh, and it does not use VNC.

Might have to take you up on that offer - as I know.... quite literally... nothing about it.

I'm happy to pay for the tuition, as this kind of knowledge would come in very handy, should one have a sizable customer base... yet have ideas about moving away.

(For customers - and there are many - who have never worked out that closing a window doesn't necessarily quit an application, other instructions on revealing an IP on their side, would be quite impossible - thus the general idea would be to do something - as Dotnet has mentioned, to the clients machines - and to do so with as many as possible in the shortest time - with no fee - and then be able to access all remotely when problems crop up).