2022-05-12 02:42:30 -04:00


MeshCentral Router

MeshCentral Router Guide

Downloading

MeshCentral Router is a Windows application that comes built into the MeshCentral server or can be downloaded at: http://info.meshcentral.com/downloads/MeshCentral2/MeshCentralRouter.exe

It's probably best to use the MeshCentral Router that comes with your version of the MeshCentral server, as the two will likely be most compatible. A given MeshCentral Router version may not work with every MeshCentral server version. On MeshCentral, you can download MeshCentral Router with this link:

Download

The router link will only show up on Windows browsers.

Login

MeshCentral Router needs to log in to your MeshCentral server just like any browser. You can do this by entering the server name and the account username and password. Depending on your server and account situation, you may see some or all of the following screens.

Login

If second-factor authentication is required, MeshCentral Router does not support hardware keys (WebAuthn), but does support the YubiKey™ OTP.

Creating Port Maps

Once logged in, you can start adding port maps using the “Add Map…” and “Add Relay Map…” buttons on the bottom right. You can then create a map and open the associated application using the “Open…” button, and remove the port map using the “Remove” button.

port_maps

There are two different types of port mappings: a normal port map and a relay port map. A normal port map will route packets to the selected destination computer that is running the mesh agent as shown here.

port_maps

A relay port map will route traffic through the server and through the remote agent to a target IP address on the remote agent's network as shown here.

Note that all traffic is encrypted using TLS from MeshCentral Router to the MeshCentral server and from the server to the MeshAgent. The server and the agent do have access to the traffic, so it's recommended to use port mappings to tunnel data that is itself encrypted, so that end-to-end encryption is assured.

Command Line Arguments

MeshCentral Router can be run with command line arguments to make it quicker and easier to use. The arguments range from debugging to quickly logging in and setting up port maps.

-debug

Causes MeshCentral Router to generate a “debug.log” dump file that can be useful for debugging.

-host:<hostname>
-user:<username>
-pass:<password>
-ignorecert

This set of command line arguments makes logging into the MeshCentral server easier. Note that specifying the password using a command line argument may not be secure, as the command shell can record the password in the command history. The “ignorecert” argument is not recommended, as it causes MeshCentral Router to ignore untrusted server certificates. This should only be used for debugging.

-map:<protocol>:<localport>:<computername>:<app>:<remoteport>

The “map” argument will automatically create a network map once MeshCentral Router is logged in. The protocol must be “TCP” or “UDP”; the local port can be 0 for any. The computer name is the server-side name of the computer; if many computers have the same name, one of them will be selected. The app can be empty for a custom application, or can be “HTTP”, “HTTPS”, “RDP”, “PuTTY” or “WinSCP”. For the UDP protocol, no apps are currently supported, so it should be left blank. For example, you can use:

-map:TCP:0:"MyComputer":HTTP:80
-map:UDP:1235:"MyComputer"::1234

The first example will map a random local port to port 80 of “MyComputer” and is expected to be used with HTTP traffic. The second example maps local UDP port 1235 to port 1234 on “MyComputer”. It's best for the computer name to be in quotes.

In addition to port mapping, you can also set up relay maps where a remote computer is used as a traffic relay, like this:

-relaymap:<protocol>:<localport>:<computername>:<app>:<remoteip>:<remoteport>

This will relay a local port through the server and through a remote agent to a target IP address and port. For example:

-relaymap:TCP:555:"MyComputer":HTTP:192.168.1.1:80

This will relay local port 555 to 192.168.1.1:80 for HTTP traffic. A typical use of this is to be able to remotely configure a home router from anywhere on the Internet.

-all

The “all” switch will bind local ports to all network interfaces so that other computers on the network can use the port maps provided by MeshCentral Router. By default, local ports will be bound to the loopback interface so that only local applications can use the port mappings.

-tray

The “tray” switch will place MeshCentral Router on the Windows system tray instead of the normal application bar.
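The following is an added example, not part of the original guide or of the MeshCentral project: a small Python audit of MeshCentral Router command lines (as they might appear in a shortcut, script or process-creation log) that parses the “map” and “relaymap” formats above and flags the options this guide cautions about. The finding labels, the helper names, the case-insensitive switch matching and the sample command lines are assumptions made for illustration.

```python
import re

TOKEN = re.compile(r'(?:[^\s"]|"[^"]*")+')           # split on spaces, keep "quoted names" whole
COLON = re.compile(r':(?=(?:[^"]*"[^"]*")*[^"]*$)')   # colons that are outside double quotes
CLEARTEXT_APPS = {"HTTP"}                             # app types that add no encryption of their own

def parse_map(arg):
    """Parse one -map or -relaymap argument into a dict; raise ValueError if malformed."""
    kind, _, spec = arg.lstrip("-").partition(":")
    kind = kind.lower()
    names = ["protocol", "localport", "computer", "app", "remoteport"]
    if kind == "relaymap":
        names.insert(4, "remoteip")                   # relay maps carry a target IP before the port
    fields = [f.strip('"') for f in COLON.split(spec)]
    if len(fields) != len(names):
        raise ValueError(f"expected {len(names)} fields in {arg!r}")
    m = dict(zip(names, fields), kind=kind)
    if m["protocol"].upper() not in ("TCP", "UDP"):
        raise ValueError(f"protocol must be TCP or UDP in {arg!r}")
    m["localport"], m["remoteport"] = int(m["localport"]), int(m["remoteport"])
    return m

def audit(cmdline):
    """Return (findings, maps) for one MeshCentral Router command line."""
    findings, maps = [], []
    for tok in TOKEN.findall(cmdline)[1:]:            # [0] is the executable path
        low = tok.lower()                             # assumption: match switches case-insensitively
        if low.startswith("-pass:"):
            findings.append("password-on-command-line")
        elif low == "-ignorecert":
            findings.append("certificate-validation-disabled")
        elif low == "-all":
            findings.append("ports-bound-to-all-interfaces")
        elif low.startswith(("-map:", "-relaymap:")):
            m = parse_map(tok)
            maps.append(m)
            if m["app"].upper() in CLEARTEXT_APPS:    # tunnelled data is visible to server and agent
                findings.append(f"cleartext-{m['app'].upper()}-to-port-{m['remoteport']}")
    return findings, maps

# Constructed sample command lines (host name, account and password are made up).
SAMPLES = [
    r'MeshCentralRouter.exe -host:mesh.example.com -user:admin -pass:Sample123 -map:TCP:0:"MyComputer":HTTP:80',
    r'"C:\Tools\MeshCentralRouter.exe" -host:mesh.example.com -ignorecert -all -relaymap:TCP:555:"My Computer":HTTPS:192.168.1.1:443',
    r'MeshCentralRouter.exe -host:mesh.example.com -tray -map:UDP:1235:"MyComputer"::1234',
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(audit(line)[0])
```
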

Conclusion

MeshCentral, MeshCentral Router and this document are all open source and licensed under Apache 2.0. The full license can be found at https://www.apache.org/licenses/LICENSE-2.0.