JamfPro Remote Screen Control - Howto connect to targets behind a NAT router?

merber
New Contributor II

Hello,
We are planning to use JAMFPro out of the JAMFSoftware cloud. In concept phase we identified the following issue with Remote Control. As I learned, a ssh connection from the cloud to the target Mac must be established. Our Macs will reside in an internal network. We do not expect problems with outgoing Connections, however, Security won't allow us inbound ssh traffic to this Network segment.
Are there any other ways to leverage outgoing connections for this? I am wondering if we are the only one with this issue?
Thanks, any comment appreciated
Marcus.

4 REPLIES 4

MacSysAdmin
Contributor

You can connect to VPN and have your security team allow SSH access from your VPN subnets to your Mac subnets.

KSamuels
New Contributor

Can you explain that further? Because I do VPN in to our internal network but Jamf Remote (when synced to JamfCloud) tries to connect to the public IP not the private IP so it never connects. JamfCloud knows the internal address as it shows in the machine specs in a search, but it tries to connect to the public address.

diradmin
Contributor II

Jamf Remote is supposed to roll to the Reported IP Address (internal) if connection to the IP Address (public) times out. Suggest reaching out to Jamf Support for clarification on this.

KSamuels
New Contributor

Some machines it works, others it tries the internal, then jumps to trying ssh on the external router, which is never going to work obviously