ZCM Remote Control over the Internet

In recent months, I've been very busy working with ZCM. In the coming weeks and months I will start sharing my war stories here.

To start with though, I built my ZCM demo server from scratch yesterday. It's a bog standard 10.0.2 server but has a NAT'd connection to the Internet.

After opening up TCP Port 5950 to the server, I can now remote control the Primary Server over an Internet Connection. I tested this further by Collaborating in a single remote control session with Shaun Pond and Laurence Pitt, both where sitting in there home offices. It worked an absolute treat.

So if you are using ZCM in a Internet-facing environment, or even just NAT'ing between sites, a known IP address at one side and an open port is all you need.

The known IP Address is important, the Primary Server has a static NAT address. In most scenarios, an administrator's workstation will not have a static NAT; so to remote control a user outside the firewall requires the user to request a session from a known address.

Is anyone out there using ZCM to manage users outside the firewall?


How To-Best Practice
Comment List
  • This was a major focus of my eval of ZCM (we are currently 6.5 and can move to ZCM when we want).

    The issue I found is that remove users behind a NATed firewall or BorderManager can pull services from ZCM as the installed client can connect back to the server, but you lose all the remote control services as there is no way for the administrator to open a direct connection to the client machine due to the IP address changes.

    For some future release it would be very helpful if the ZCM client could build a tunnel session to the ZCM server so all the remove tools could operate via the tunnel.