Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

No sure if this is a feature or config change #3911

Closed
dani717 opened this issue Apr 23, 2022 · 7 comments
Closed

No sure if this is a feature or config change #3911

dani717 opened this issue Apr 23, 2022 · 7 comments
Assignees
@Ylianst
Labels
enhancement Fixed - Please Verify & Close

Comments

@dani717
Copy link

dani717 commented Apr 23, 2022
edited
Loading

Hello Team,

Is it possible to add HTTP or HTTPS with IP and Port from the drop-down just like web rpd and web ssh
I use a mesh router to access other devices that use HTTPS such as ESXi and I thought maybe it would be possible now that we have a relay option. I might be wrong :)
image

Thanks
@Ylianst
Copy link
Owner

Ylianst commented Apr 23, 2022

Try adding this to the domain section of the config.json:

      "deviceMeshRouterLinks": {
        "rdp": true,
        "ssh": true,
        "scp": true,
        "extralinks": [
          {
            "name": "HTTP",
            "protocol": "http",
            "port": 80
          },
          {
            "name": "HTTPS",
            "protocol": "https",
            "port": 443,
        ]
      },

This will create MeshCentral Router HTTP and HTTPS links at the bottom of the device "General" tab. One click will invoke MeshCentral Router and open the browser to the web page. Let me know if that works, I may add it as a default.

@Ylianst Ylianst self-assigned this Apr 23, 2022
@dani717
Copy link
Author

dani717 commented Apr 24, 2022

Hi Ylian,

Thank you for providing this config. This works, but I think I didn't explain my request correctly; I thought the new feature might bypass using the mesh router since we are now using a relay agent on the website.

In our scenario, we are unable to use meshrouter due to company policies but we can use the mesh central web server and agents. If the relay option works just like mesh router where we can add Esxi or other web management devices, it will be a great option.

Thank you for this awesome product.
Dani

@Ylianst
Copy link
Owner

Ylianst commented Apr 25, 2022

I see. The relay feature allows the MeshCentral server to access new devices by using existing agents as relays, it does not change anything on the user side. If you are looking to access HTTP/HTTPS web pages without MeshCentral Router, I could work on this but it would require that MeshCentral have an additional HTTPS port (like port 444). I could sent a cookie to the browser and open a new browser window to the HTTPS/444 port and all requests would be redirected to the target. Using this system, you can't open many web site in the same browser at the same time (one cookie and one port 444 at any given time) but it would work without a router.

@dani717
Copy link
Author

dani717 commented Apr 25, 2022

This will be a nice addition to managing other web-based apps without a VPN connection using the relay option on the web.
Another way: If possible, in the future to allow only specific apps on a machine or through the relay option.
For example A chrome application is shared from a server or local machine and the end-user only sees chrome when they connect to meshcental. (Like thin client solution) The benefit of this would be using a secure HTTPS connection even if internal apps are not secure or don,t have a valid certificate.

I feel like the second option will be best since you already have a lot of features such as a web application to connect, recording, sharing guest links, etc which can be used.

Regards,
Dani

@b8two
Copy link

b8two commented May 16, 2022

hi @dani717,

I think your first request is to have Mesh Agent behave as a proxy for HTTP/S pages. i.e. the Agent will make the HTTP request and then act as the http/s server to share it back to the user. There are many open source software that perform this kind of function, Apache webserver can be configured as a reverse proxy for example.

@Ylianst is suggesting a Mesh Agent port mapping for the HTTP/S page similar to how the Mesh Router performs this function.

@dani717 The second option you proposed is App sharing, similar to remote desktop but limited to an application window/s, This would require the Mesh Agent to focus on the App only (perhaps run as User 0 and perform background app rendering I assume) which is different to Capturing full screen/s. Citrix has ways to do this for multiple users, so it is possible. However to support multiple users, the server machine must be logged in different profiles to do this securely.

@b8two b8two mentioned this issue Jun 9, 2022
Closed
@dinger1986
Copy link
Contributor

@si458 not likely to be implemented

@si458
Copy link
Collaborator

si458 commented Nov 26, 2023

correct this wont be implemented,
if you want http/https access, just add the device as a standard linux device then do as @Ylianst explains above and add extra links in for relaying in meshcentralrouter
OR
use the web relay feature thats now built in

@si458 si458 closed this as not planned Won't fix, can't repro, duplicate, stale Nov 26, 2023
@b8two b8two mentioned this issue May 14, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Ylianst Ylianst

Labels
enhancement Fixed - Please Verify & Close
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@si458 @Ylianst @dani717 @dinger1986 @b8two