Hi, I have a 17" MacBook Pro that is becoming obsolete. Unfortunately Apple does not sell any longer these. I have been thinking about buying the new Mac Pro t(with OS X 10.9) o use in combination with my old MacBook Pro remotely (when I am not in the same place/local network). The idea is if I am working in a Coffee shop with my 17" MBP and I need to use CPU/GPU intensive apps I will connect to the Mac Pro. After much search I have come to the following info (take a look, it is a looooong doc but you might find it useful) but I would also recommend expert advice (and no, a 15" MBP is not an option. Too small). Thanks.
OPTION A: BACK TO MY MAC (app in MAC OS)
Back to My Mac is one of Apple’s iCloud services. Technically it uses adhoc ipsec vpn tunnels and gives you an DNS name for each mac set up, effectively bypassing the current internal name resolution issue. e.g. server.12345678.members.btmm.icloud.com Services that you run e.g. web and ssh will accessible.
Use OS X Help for information about how to set up and use Back to My Mac:
From the Finder, click the Help menu.
When the Help Center appears, type "Use Back to My Mac" in the search window.
Choose the Help article titled "Use Back to My Mac."
On the remote Mac select Wake on Demand to save energy (the device goes to sleep when it is not in use)
(troubleshooting: http://support.apple.com/kb/HT4907 - see also notes below)
(security tips: http://support.apple.com/kb/HT4908)
BTTM only works between OSX computers and a single account. VPN lets you connect most devices and other OSs and many users to single resources. BTMM is essentially a dynamic DNS service. It does not enable sharing or management services at all, and only facilitates the connection to the machine. You will still need to enable various services on your own, and BTMM will not bypass any security features of the system. You can only connect to BTTM from a Mac which is logged into the same iCloud account. For example, if you try to use that BTMM hostname on your ipad, it won't work.
You can also use File Transfer apps like Transmit. Under Transmit, Bonjour setting, all of Macs are listed as SFTP connections, with the BTTM number followed by .members.bttm.icloud.com. This connection appears to be much faster than BTTM through file sharing or screen sharing and shows all files on that Mac, including normally invisible ones. This does require entering my account name and password.
OPTION B: MAC OS SERVER & VNC
This can be done with built-in Apple software. You need to buy it in the Apple Store.
- Firstly you should for security reasons have a VPN server running at your office, this could be on your Mac server. The remote users would then first connect to the VPN server this would then allow them to access the server securely even remotely
- Then your remote users must have Macs (this method is only supported by Mac clients)
- The remote Macs would use Screen Sharing to connect to the Mac server, since Lion it has been possible for multiple Mac clients to connect to different user accounts at the same time and see a different 'screen' and run different applications
Note: If you use screen sharing to connect with an account that is not already logged in it will offer the choice of 'Share Display' or 'Log In' the former is like the old-style remote control, the later is like a Terminal Services system. If you connect with an account that is already logged in it will just take you to that accounts session.
Note: Some applications are not written in a way that would be friendly to running the same copy more than once, also some software licensing woulld mean you would still need to buy multiple copies. If an application checks over the network for the same copy running to enforce licensing you would have a problem. A volume license often helps with that.
Unfortunately if you're expecting Wake on Demand to work over a VPN, it doesn't. (see below - note on IP)
Good video to configure OS Server in Mavericks: http://www.youtube.com/watch?v=xVfEicYfMTE
By the way, if you are just interesting in running your server from a Mac Mini instead of a Mac Pro, you can find more information here http://blog.macminicolo.net/post/72706369716/an-hdmi-adapter-for-a-headless-mac- mini
OPTION C: RDP APPS
If you want to use Windows laptops remotely then the above will not work, in which case you will need to buy either Aqua Connect or iRAPP.
The above support using Microsoft Remote Desktop Client to connect and hence are compatible with Windows clients built-in RDC software.
Both iRAPP and Aqua Connect support standard Microsoft RDP protocol clients and both also have their own proprietary client. RDP is not VNC.
Saying that I did get the impression both were slower than an equivalent Windows Terminal Server and RDC client, at the time (this was a couple of years ago) I got the impression that things like forcing just 256 colours did not work properly and I also go the impression other RDP optimisations were lacking and this would be at the server end since the client is the same standard Microsoft client.
See http://www.coderebel.com/support/faq/How-do-I-make-it-faster which recommends using an RDP client instead of their own proprietary Windows only client (which might be based on VNC). The AquaConnect client does not appear to be based on VNC since it supports audio.
In particular "Aqua Accelerated Protocol provides a 2-1 data savings over VNC (including audio, which VNC does not support). These savings become even more significant when compared to Microsoft's Remote Desktop Protocol. Compared to Microsoft's protocol, AAP provides a 10-1 data savings over RDP. All of this translates into a remote session that feels and acts like a local desktop and OS."
By the way I agree RDP is faster than VNC, I also like the fact RDP supports audio (VNC does not). I have suggested to Apple they switch their Screen Sharing from VNC to RDP as this follows the same reasoning as their switching preference from AFP to now SMB2. Maybe others should send Apple the same suggestion.
Most products use VNC to remote and I've never been able to get good performance from VNC. So I run iRAPP by Code Rebel on my iMac. It is a small RDP server. I then connect via iTeleport which I have on my MBP, iPad, and iPhone. Works very well, but it also quite expensive.
- Apple Remote Desktop can connect over the internet, but you would have to setup port forwarding and have some sort of name or IP that stays the same. Depending on you internet connection, something like dyndns.com could help. ARD does use the standard VNC port (5900) for the screen sharing parts. There is another port in the 3000 range for the other parts. (see http://en.wikipedia.org/wiki/Apple_Remote_Desktop). You may need to set a free associating IP address like DynDNS and set Port forwarding in your router. Video on how to configure it and basic use: http://www.youtube.com/watch?v=TArMYl1RsUE
- Apple Screen Sharing (http://en.wikipedia.org/wiki/Screen_Sharing) You can drive the cursor and send mouse clicks to the remote computer, and type into its applications. It can be enabled via: System preferences > Sharing > Screen Sharing
- From iOS device, an app like Airlogin can be used (http://www.avatron.com/apps/air-login/) but this app does not have Wake On Lan and it is subscription based (i.e. annual subscription of around 15$)
- Other non official Apple apps that can be used but again without Wake on Lan functionality: Teamviewer, Logme In,...
- For use of Terminal via BTMM you can read: http://reviews.cnet.com/8301-13727_7-57596207-263/how-to-connect-via-ssh-using-i clouds-back-to-my-mac-service/
NOTE ON IP:
In order to control another Mac you'll need to go to 'Apple Menu -> System Preferences...' on the Mac you want to control and enable 'Remote Management'.
In the 'Allow access for' section of 'Remote Mangement' you can leave the default selection of 'All Users', which will allow any account on the controlled Mac to be used to login for remote management or you can select 'Only these users' and define specific accounts that can be used.
Click 'Options...' to define what remote management actions are allowed. You'll probably only need to select 'Observe' and 'Control'.
If you're both on the same network then you can do a Command + K from the controller Mac and type vnc://mygirlfriendsmac or vnc://ipaddress to connect to the Mac you want to control.
Regarding the issue with controlling a Mac on a different network, this is where things can get complicated since there are a lot of variables depending on what network the Mac you want to control is on. This is one possible solution:
First, you'll need to know if port 5900 is open on the network the Mac to be controlled is on. A lot of firewalls block this port. (You can do a VNC tunnel on port 80, but that's probably beyond the scope of this question.)
If port 5900 is open then you'll need to know the publicly accessible IP address of the Mac to be controlled. One way to do this is to use http://DynDNS.com.
This is how DynDNS works:
You can signup for a free account that allows you to create a DNS entry that you define (ie- mygirlfriendsmac.dyndns-ip.com). You'll then need to install the DynDNS app on the Mac you want to control. This app will send the public IP address to DynDNS every few minutes so that you'll be able to do a Command-K on your Mac and connect to the DNS entry you defined (mygirlfriendsmac.dyndns-ip.com) and you can be assured it will be mapped to the current IP address of the Mac you want to control.
BACK TO MY MAC TROUBLESHOOTING:
If Back to My Mac is not working as expected, try the troubleshooting steps below, if they apply.
1 Update all your Macs to OS X Lion v10.7.3 or later (OS X Lion v10.7.4 or later is recommended).
2 Choose System Preferences from the Apple () menu. Open iCloud System Preferences and check that Back to My Mac is enabled. See if any diagnostic messages are provided under the Back to My Mac section to assist you with troubleshooting and resolving any connection issue.
3 Toggle Back To My Mac off and back on by deselecting and then reselecting Back To My Mac in iCloud System Preferences.
4 Make sure the computer you are trying to connect to is not sleeping and is set to Wake on Demand. For more information about Wake on Demand, see this article: http://support.apple.com/kb/HT3774.
5 If you are using an AirPort base station, make sure your firmware is up-to-date (open AirPort Utility 6.0 or later).
6 Check your network for a multiple NAT setup and reconfigure your network as needed.
7 Make sure NAT-PMP or UPnP (http://support.apple.com/kb/HT1552) is enabled (if you are using an AirPort Extreme Gigabit Ethernet base station, click here for information about AirPort Extreme Gigabit Ethernet and NAT PMP).
8 Ensure TCP port 5354 and UDP ports 4500 and 5353 are open on your firewall. To learn more about ports used by Apple products, click http://support.apple.com/kb/TS1629.
When BTMM stopped working i also noticed that i was having issues connecting with my apple id to machines even if they were on the same local network. I found a way to resolve this and consequently BTMM has started working again for all of my machines. I think this has something to do with how the apple id is assigned to your user account but let me go through the steps i took for this:
1) Open 'System Preferences'
2) Click on 'Users & Groups'
3) Unlock the padlock in the bottom left corner to make changes
4) Select your user account from the list on the left
5) Right click on account and select 'Advanced Options'
6) In the 'Aliases' box at the bottom you SHOULD have two records (your apple id and another beginning with com.apple.idms.appleid) remove these both and click Ok.
7) In the right hand window on your user account click on 'Change' next to the apple id box.
8) Delete the apple id associated with the account and click 'Done'.
9) Now click 'Set' next to the apple id label (where it just said Change a minute ago)
10) Enter your apple id and password and click ok.
11) After a few minutes the machine should be available again for remote connection and desktop sharing via BTMM. You can always perform a reboot just to be sure.
This should take a few seconds to set and once you have then you can verify this has been set correctly by right-clicking on your user account and selecting 'Advanced Options' to see if it has put the two records in the 'Aliases' box at the bottom. Needless to say you need an active internet connection for this as it fetches your associated record from your account and aliases it for you.
FYI: Back to My Mac status messages explained here http://support.apple.com/kb/TS4104
For Local Networked MACs operating with BTMM:
If you have noticed that the iMac (for example) was automatically authenticating to the Mini using iCloud/Apple ID, not my local username (being both computers are on the same local area network connected via an ethernet switch). The solution is to disable Back to My Mac on the iMac, delete some of my login credentials from KeyChain and rebooted my iMac. This forced me to re-authenticate to the Mini for local network access. I used my local username/password account and the problem with finder operations and hanging was solved.