Update: UltraVNC 1.4.3.6 and UltraVNC SC 1.4.3.6: viewtopic.php?t=37885
Important: Please update to latest version before to create a reply, a topic or an issue: viewtopic.php?t=37864

Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://twitter.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc

repeater mode I and II

Post Reply
petemarkey
Posts: 2
Joined: 2020-01-19 06:12

repeater mode I and II

Post by petemarkey »

Hi all,

I am looking at using ultravnc to support some remote servers... I have been using TeamViewer temporarily.

I have set up a machine behind the firewall that is running repeater and have port 5901 forwarded (for now, will change to a non default port eventually) and and seems to work.

Right now I am just using a simple password to test but will eventually move to a certificate base authentication I hope, if it works.

Although i am decently versed in network technology i am having a hard time understanding repeater mode I and mode II.

Can someone provide some real work examples of mode II. Mode I seems to be all i need? I just want to go through the repeater and hit all servers on the same network as the repeater.

Does mode II provide additional security, or is it for some other purpose?

Thanks in advance.
User avatar
Rudi De Vos
Admin & Developer
Admin & Developer
Posts: 6832
Joined: 2004-04-23 10:21
Contact:

Re: repeater mode I and II

Post by Rudi De Vos »

Mode I
viewer 12.12.12.12:5000 and proxy/repeater your repeater
The repeater try to forward the connection to 12.12.12.12:5000
Repetaer need to be able to connect to the destination ip
Viewer is outgiong, server is listening
This is more or less the same as port forwarding

Security:
You need to proper define the allowed ports and ip destinations.


Mode II
viewer connect to repeater using an identifier
server connect to repeater using an identifier
The repeater cross streams when the identifier is the same.
You have 2 outgoing connection. Server and Viewer can be behind a NAT router

Security:
*Instead of using a high security repeater we put encryption on the server<->viewer data.
-The repeater vcan only read the initial identifier, but all other data is encrypted
That's why you always need to use the encryption modules
petemarkey
Posts: 2
Joined: 2020-01-19 06:12

Re: repeater mode I and II

Post by petemarkey »

Ok, i think i might understand.... So in Mode II the repeater might run in the cloud, not at the office. Therefore no need to forward ports at the office to the repeater.
User avatar
Rudi De Vos
Admin & Developer
Admin & Developer
Posts: 6832
Joined: 2004-04-23 10:21
Contact:

Re: repeater mode I and II

Post by Rudi De Vos »

Mode II
No forward needed at office and home(client) as both connect to the repeater running in the cloud.
AnotherUVNCuser
40
40
Posts: 68
Joined: 2017-09-13 00:40

Re: repeater mode I and II

Post by AnotherUVNCuser »

Rudi De Vos wrote:Viewer is outgiong, server is listening
So when using the repeater it is *not* possible to make a "reverse connection" (i.e. SocketConnect=0), as can be done with a direct "server" <=> "viewer" connection?
User avatar
Rudi De Vos
Admin & Developer
Admin & Developer
Posts: 6832
Joined: 2004-04-23 10:21
Contact:

Re: repeater mode I and II

Post by Rudi De Vos »

Mode II: Both are outgoing
Viewer or server can initiate the connection, a reverse connection is possible.

Mode I: server is listening, viewer is outgoing ( This act the same as port forwarding)
AnotherUVNCuser
40
40
Posts: 68
Joined: 2017-09-13 00:40

Re: repeater mode I and II

Post by AnotherUVNCuser »

Tank you Rudi :wink:
Post Reply