2

I am now in the process of searching proper replacement for TeamViewer, i.e. the solution which will allow me to connect to any machine, whether I am in LAN or external network. Hosting bypass server on my own is highly appreciated.

Eventually I ran against Guacamole and read a big bunch of appraisal about it, and not for nothing. Thin clientless HTML5 solution which provide access on any protocol ever used is cool thing, BUT!

The only thing that bothers me is accessibility of the Guacamole behind NAT, or corporate proxy or whatever. I want something Teamviewer-like experience (accessible everywhere) but without TV. I'm kinda a newbie in a networking so easy networking set up is rather critical here.

As I see it from the description, Guacamole consists of Tomcat server installed somewhere and nothing more. I didn't get clearly what should be done on remote machine so that remote machine become accessible over NAT?

Is this possible at all?

Suncatcher
  • 552
  • 2
  • 7
  • 22

1 Answers1

4

Short answer

Guacamole probably won't help you with NAT..

Long answer

As can be seen on Chapter 1. Implementation and architecture, the actual graphical session client is guacd which runs on the Guacamole server.

So, the simplest answer is:

  • make your Guacamole server reachable from your web client (presumably, publicly accessible from the Internet, possibly actually in some kind of DMZ).
  • Then ensure your desktop server is reachable by guacd.

All in all, if the desktop machine you want to reach is in the same network as the Guacamole server, problem already solved.

If it's deeper in your network, then make a rule to allow guacd to reach it and you're done.

If the machine is in another random location, it looks like Guacamole won't help you. You have to figure out some NAT-traversal scheme from the Guacamole server.

Stéphane Gourichon
  • 714
  • 6
  • 13
  • Thanks for the answer. *ensure your desktop server is reachable by guacd* means that remote machine and `guacd` have to be absolutely reachable by each other and Guacamole doesn't have any built-in tools to solve this problem? Correct? – Suncatcher Jan 28 '17 at 16:21
  • Short answer: AFAIK yes, correct. Long answer: I would not be definitive about what it does not have (which might change in the future anyway). TeamViewer-centric expectations suggest guacamole being a RDP/VNC/SSH client in a browser, able to reach other machines running some kind of daemon. Guacamole appears to be shaped very differently: a web front-end to a RDP/VNC/SSH client running on a server. See https://news.ycombinator.com/item?id=8166744 for an example of reaching RDP servers inside the same NAT that contains guacd. – Stéphane Gourichon Jan 29 '17 at 01:31
  • Why they not swaped connection? If guacd connects server this will be possible!! Do you know alternatives to Guacamole? – eri Oct 07 '21 at 14:23