18 Comments

Summary:

I previously wrote an article on how to stream your data from a Time Capsule and local computer over the Internet. After figuring out the basics of networking, I moved onto wanting to control my media center computer remotely. Below I’ve outlined the steps to set […]

I previously wrote an article on how to stream your data from a Time Capsule and local computer over the Internet. After figuring out the basics of networking, I moved onto wanting to control my media center computer remotely. Below I’ve outlined the steps to set up remotely controlling your home computer over the Internet.

Some Things to Note

  • This tutorial assumes you’re using a Mac on your home network with screen-sharing turned on, that it’s powered on most of the time, and that it has a static IP address (the tutorial explains how to do each of these things).
  • You must have an external static IP address (my broadband Internet came with that).

Determine your External IP Address

We’re going to be referring back to this number a lot. Make sure you write it down.

  1. Go to What is My IP Address?
  2. Write down the number next to “Your IP Address is”
    ip-address

Set Your Computer to a Static IP Address

  1. Launch System Preferences: Applications → System Preferences
  2. Under the “Internet & Network” section, click on the “Network” icon
  3. In the left hand menu, select the “Ethernet” or “Airport” device. (Select whichever one you are using to connect to your network, it will have a green ball next to it and say “Connected.”)
  4. Click “Advanced”
    advancednetworking
  5. Click the “TCIP/IP” tab
  6. Write down the number next to “IPV4 Address” (from now on we’ll refer to this as your “Internal IP Address”)
    internalIP
  7. In the “Configure IPV4″ pull down menu, select “Using DHCP with Manual address”
  8. The box next to “IPV4 Address” will default to all zeros. Type in the number we wrote down in step 6 (your internal IP Address)
    manualIP
  9. Close System Preferences

Set Up Screen-sharing on Your Computer

  1. Launch System Preferences: Applications → System Preferences
  2. Under the “Internet & Network” section, click on the “Sharing” icon
  3. Select the checkbox next to “Remote Management”
  4. A pop up will come up with a ton of checkboxes asking you what you would like to do when remotely managing. I checked everything and clicked “OK.”
    VNCcheckboxes
  5. Select the “Computer Settings” button
  6. Check the box next to “VNC users may control screen with password” and enter a password in the text box next door. Click “OK” after you’ve entered a password.
    VNCpassword
  7. Close System Preferences

Forward Port 5900

Port 5900 is the Apple VNC port. We need to forward from our external IP address to the computer that’s sharing files on our internal network.

Every router is different, so below I’ve outlined the basic steps. You’re going to have to consult your router’s documentation for exact instructions. Portfoward.com has documentation for a lot of routers and I also wrote an article for the Airport Extreme.

  1. Log into your router. If you’ve left the router with the default configuration, launch a web browser and enter “192.168.1.1” (most routers default to this IP). If this doesn’t work, consult your router’s manual for directions on how to get to the configuration panel.
  2. Once you’re logged into your router, find the port forwarding section (mine was under the “Applications and Gaming” tab).
  3. Forward both the TCP and UDP ports from the router to your file sharing computer’s IP Address.

Connect to your Computer Over the Internet

Now comes the fun part: connecting to our computer over the Internet.

  1. Head over to SourceForge and download/install the latest version of Chicken of the VNC
  2. Launch Chicken of the VNC. If you are currently on your home network (the network with the computer that has the screen we want to control) and did everything correctly by default, you should see the name of the computer you are trying to connect. All you have to do is type in the password we set earlier and click “Connect.”
  3. To add a new location, click the small plus arrow in the bottom left-hand corner of the screen.
  4. A pop-up window will ask you to name the location. Name it whatever you like.
  5. In the “Host” box, replace the phrase “localhost” with the external IP address we determined earlier
  6. In the “Password” box, type in the password we set earlier and select the “Remember Password” checkbox.
    chickenVNC
  7. Click “Connect.” If you did everything correctly, you should be able to control your computer.

Optional Step: Forward a Domain Name to Your External IP Address

Remembering a domain name is much easier than remembering an IP address, so for this optional step we’re going to forward a domain name to our External IP address that we wrote down earlier. Then when we go to the “Connect to Server,” you can enter in the domain name instead of the IP address.

This guide is for GoDaddy, but the same basic procedure should apply for other domain registrars.

  1. Purchase a domain at Godaddy.com.
  2. Log into your Account Manager.
  3. In the My Products section, click Domain Manager.
  4. Click the domain name for which you want to create an A record.
  5. In the Total DNS section, click Total DNS Control and MX Records.
  6. Click Add New A Record.
  7. Complete the following:
    Host Name: The host name the A record links to. You can enter @ to map the record directly to your domain.
    Points to IP Address: The external IP address that we wrote down earlier.
    TTL: The time increment for which the server should cache the information.
  8. Click OK.

UPDATE: As some users have commented, opening ports on your firewall can pose a security risk. Always exercise extreme caution when opening ports and never give out your external IP address.

You’re subscribed! If you like, you can update your settings

  1. Quirilio Vilorio III Monday, June 22, 2009

    Or you can you a very simple solution called logmein at http://www.logmein.com, with it you don’t have to open ports or use special vnc applications, you just log into the site and bang! you are off.

    Regards,

    1. Except that under the free logmein you cannot transfer files.

      1. But if you have a free dropbox, you can transfer with that :-)

  2. kooikerexpress Monday, June 22, 2009

    Thank you for this awesome post!

  3. I don’t like Windows for much, but RDC is about 100x better than VNC.

  4. This seems like so much work. Like most people, don’t have a static IP address, so I use DynDNS.

    The other part of the solution is ShareTool. A secure way to use my Desktop at home from my notebook. Using ShareTool, I can access my Desktop with Screen Sharing. I can also access my iPhoto library and my iTunes library, my network printers, my network disks. All of this happens over encrypted SSH tunnels.

  5. Is there a reason you’re using the “Remote Management” Sharing setting instead of “Screen Sharing”?

  6. What about security? I’ve always been a bit leery about opening up ports on my router’s firewall. Someone could do a lot of damage if they got access to screen sharing.

    1. Khürt Williams lh Tuesday, June 23, 2009

      Worse yet. They could use the storage on your computer as a staging area for crime (like warez and porn).

  7. I agree with lh on 2 counts. First is that it is never good to arbitrarily open common ports on your firewall (you are just asking for trouble) and second VNC is a non-encrypted protocol (EVERYTHING you type is in plain text).

    As you will find all over the internet you should utilize an SSH tunnel to keep your traffic encrypted. This is less of an issue being that OS X ships with SSH server :)

  8. I set all of this up. I get “could not connect to server. connection refused: connect()”

  9. Khürt Williams Tuesday, June 23, 2009

    Like CVBruce suggested you can simply use one of the dynamic DNS services ( I use OpenDNS ) with software that updates the name server each time your external IP changes. I have it installed on one of my Mac and it updates once a day.

    http://www.dyndns.com/support/clients/
    http://www.opendns.com/support/article/90

  10. hard to make work. but not too difficult for most people to hook up and run.

  11. links for 2009-06-25 at So It’s Come To This: Thursday, June 25, 2009

    [...] How-To: Remotely Control Your Mac Over the Internet (tags: howto mac reference tutorial apple networking remote Internet hacks) [...]

  12. Best and easiest way so far is welcome.toyourmac.com – TOP!

  13. Remote Control Software Monday, March 8, 2010

    While this does not seem much easier than the Windows method, I would bet it is more reliable. Still, are there any advantages to using these solutions over third party ? I would think the third party options are more feature rich, although there is the downside of them not being installed on every Mac…Are there any other advantages to using the native offering for these needs?

  14. for remote control I prefer to use ActyMac DutyWatch Remote

Comments have been disabled for this post