MyFavMirrors/MeshCentral
1
0
Fork 0
mirror of https://github.com/Ylianst/MeshCentral.git synced 2025-04-16 08:58:07 -04:00
Code Issues Packages Projects Releases Wiki Activity
MeshCentral/docs/docs/meshrouter/index.md
silversword411 2eed4f8b00
Docs - meshcentral router pdf to mkdocs conversion
2022-05-12 02:42:30 -04:00

143 lines
5.3 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# MeshCentral Router
[MeshCentral Router Guide](https://meshcentral.com/info/docs/MeshCentral2RouterUserGuide.pdf)
## Video Walkthru
<div class="video-wrapper">
<iframe width="320" height="180" src="https://www.youtube.com/embed/BubeVRmbCRM" frameborder="0" allowfullscreen></iframe>
</div>
## Downloading
MeshCentral router is a Windows application that comes built-into the MeshCentral server or can
be downloaded at: <http://info.meshcentral.com/downloads/MeshCentral2/MeshCentralRouter.exe>
Its probably best to use the MeshCentral router that comes with your version of the MeshCentral
server as the two will likely be most compatible. A given MeshCentral Router version may not
work with any MeshCentral server versions. On MeshCentral, you can download MeshCentral
Router with this link:
![Download](images/download-link.png)
_The router link will only show up on Windows browsers._
## Login
MeshCentral router will need to login to your MeshCentral server just like any browser. You can
do this by entering the server name and account username and password. Depending on your
server and account situation, you may see some or all of the following screens.
![Login](images/login.png)
If the second factor authentication is required, MeshCentral Router does not support hardware
keys (WebAuthn), but does support the YubiKey™ OTP.
## Creating Port Maps
Once logged in, you can start adding port maps using the “Add Map…” and “Add Relay Map…”
buttons on the bottom right. You can then create a map and open the associated application
using the “Open…” button and remote to port map using the “Remove” button.
![port_maps](images/port_maps.png)
There are two different types of ports mappings. A normal port map and a relay port map. A
normal port map will route packets to the selected destination computer that is running the mesh
agent as shown here.
![port_maps](images/port_maps2.png)
A relay port map will route traffic thru the server and thru the remote agent to a target IP address
on the remote agents network as shown here.
![](images/port_maps3.png)
Note that all traffic is encrypted using TLS from MeshCentral Router to the MeshCentral server
and from the server to the MeshAgent. The server and the agent do have access the traffic so its
recommended to use port mappings to tunnel data that is also encrypted for that end-to-end
encryption is assured.
## Command Line Arguments
MeshCentral router can be run with command line arguments to make it quicker and easier to
use. The arguments range from debugging to being able to quickly login and setting up port
maps.
```bash
-debug
```
Causes MeshCentral Router to generate a “debug.log” dump file that can be useful for
debugging.
```bash
-host:<hostname>
-user:<username>
-pass:<password>
-ignorecert
```
This set of command line arguments make logging into the MeshCentral server easier. Note that
specifying the password using a command line argument may not be secure as the command
shell can record the password in the command history. The “ignorecert” argument is not
recommended as its going to cause MeshCentral Router to ignore untrusted server certificates.
This should only be used for debugging.
```bash
-map:<protocol>:<localport>:<computername>:<app>:<remoteport>
```
The “map” argument will automatically create a network map once MeshCentral Router is logged
In. The protocol must be “TCP” or “UDP, the local port can be 0 for any. The computer name is
the server-side name of the computer, if many computers have the same one, one of them will be
selected. The app can be empty for a custom application, or can be “HTTP”, “HTTPS”, “RDP”,
“PuTTY” or “WinSCP”. For the UDP protocol, no apps are currently supported so it should be left
blank. For example you can use:
```bash
-map:TCP:0:"MyComputer":HTTP:80
-map:UDP:1235:"MyComputer"::1234
```
The first example will map a random local port to port 80 of “MyComputer” and is expected for
use with HTTP traffic. The second example maps local UDP port 1235 to port 1234 on
“MyComputer”. Its best for the computer name to be in quotes.
In addition to port mapping, you can also setup relay maps where a remote computer is used as a
traffic relay like this:
```bash
-relaymap:<protocol>:<localport>:<computername>
:<app>:<remoteip>:<remoteport>
```
This will relays a local port to thru the server and thru a remote agent to a target IP address and
port. For example:
```bash
-relaymap:TCP:555:"MyComputer":HTTP:192.168.1.1:80
```
This will relay local port 555 to a 192.168.1.1:80 for HTTP traffic. A typical use of this is to be able
to remotely configure a home router from anywhere on the Internet.
```bash
-all
```
The “all” switch will bind local ports to all network interfaces so that other computers on the
network can use the port maps provided by MeshCentral Router. By default, local ports will be
bound to the loopback interface so that only local application can use the port mappings.
```bash
-tray
```
The “tray” switch will place MeshCentral Router on the Windows system tray instead of the
normal application bar.
## Conclusion
MeshCentral, MeshCentral Router and this document are all opens source and licensed using
Apache 2.0, the full license can be found at <https://www.apache.org/licenses/LICENSE-2.0>.
Reference in New Issue View Git Blame Copy Permalink