a recent study, two-thirds of the U.S. households that own Macs have more than one computer. Nearly three quarters of those households have laptops as well as desktops. A significant number of those Mac households also own iPhones, iPads, or other iOS devices.
Combine those numbers, and you have a lot of Mac owners who need to connect from one computer (or iOS device) to another—whether that other computer is down the hall or across the country.
They need not only access to files on other machines, but also the ability to control the remote machine and run apps on it. They might want search through an e-mail archive, start a backup, or use a database that’s stored only on that other machine. In the home, they might want to control a Mac mini-based home-entertainment server that has no monitor of its own.
(If you all you really need is access to files on other computers, you might need only a file-synchronization service such as
Four ways to access files from afar for more.)
Fortunately, there are plenty of ways to make such remote connections. They divide themselves roughly into five categories:
- Tools built into OS X itself, including Screen Sharing and
Back to My Mac;
- Chat services such as iChat and
- Dedicated online services including
Timbuktu Pro; and
(For the purposes of these articles, we’re looking at remote graphical control, and not Remote Login (using SSH). If you need that kind of access, chances are you already know all about it.)
Unfortunately, it’s not always easy to figure out which one of those options will best meet your specific needs. And even if you’ve settled on a solution, it’s not always easy to get it to work.
Why it’s hard
Remotely controlling one Mac from another within the same local network isn’t especially difficult; Bonjour and other networking tools do a good job of that. Controlling a machine on a remote network is trickier; much of the networking hardware and software between the two is set up specifically to keep that from happening.
Home networks typically use a combination of two technologies—Network Address Translation (NAT) and Dynamic Host Configuration Protocol (DHCP)—to provide Internet access to multiple computers through a single Internet address and to provide a light (not robust) buffer to keep strangers out of the network. They can keep you out, too.
DHCP assigns private network addresses to the local computers. NAT then rewrites those addresses at the router, so that, to the rest of the Internet, all the traffic from those multiple computers seems to be coming to and from just one publicly accessible address. On business networks, firewalls and other filters further complicate any efforts to gain access.
Some remote-access tools (particularly dedicated remote-access services such as Back to My Mac, GoToMyPC, and LogMeIn) take care of this problem by talking directly to a router’s NAT software and then mapping specific pathways into the network.
Other solutions (including OS X’s built-in Screen Sharing software and VNC) require you to set up port mapping. (If IP addresses are like street numbers for apartment buildings, ports are like individual apartments at those addresses. A port is assigned to a particular service, such as file sharing or outgoing e-mail.) That means establishing persistent connections between ports on the router’s Internet-facing IP address and specific computers inside the network.
If you’re lucky, NAT-PMP (NAT Port Mapping Protocol, favored by Apple) or UPnP (Universal Plug and Play, common on non-Apple hardware) on your router can take care of the port mapping for you. Third-party software such as
Port Map (Lighthouse can also do the trick. (Another program,
ShareTool ( ), can create persistent connections between local networks, allowing for standard Bonjour hook-ups.)
Port mapping manually is also doable, but it means learning the arcana of which ports are used for which services, how to assign persistent addresses or identities to computers on the network, and how to find your external public IP address (if your ISP you assigned one).
There is another workaround for gaining remote access: Dynamic DNS lets you map a human-readable domain name, like
remote.mymachine.com to your router’s public IP address. For more on that, see
Setting up dynamic DNS.
The right route
To figure out which remote access alternative is right for you, you need to consider a few different features:
Security All of the options listed above except for VNC strongly encrypt remote-access connections by default. If you opt for VNC, you need to make sure you take extra precautions if you use public networks, like Wi-Fi hotspots.
Cost The most reliable options cost the most. LogMeIn and GoToMyPC have hefty per-machine fees, while Timbuktu Pro has a high, one-time per-computer price tag. Back to My Mac is less expensive (the cost of a MobileMe subscription), but it doesn’t work for everyone.
Multiple monitors Different remote control packages vary in their support for multiple monitors, on both the local machine you’re using and the one you’re viewing remotely. Certain flavors of VNC can share just the primary screen on a system; screen sharing over iChat squeezes multiple remote screens into a single local display.
Bandwidth control Some programs automatically ratchet the quality of the remote display up and down based on how fast data is moving back and forth. Others can be or must be set manually to a lower bit-depth (meaning fewer distinct colors) or lower image fidelity to keep the connection speed reasonable.
File sharing Remote control may be all you’re after, but remote access to files is often just as important. Many of the remote control packages lack integrated or well-designed ways to move files from one machine to another.
iOS support It is possible to connect to a Mac from an iPhone or iPad using LogMeIn and VNC apps.
In a series of articles that will follow this one, I’ll talk you through the ins and outs of each remote access option. Note that in some cases, depending on the features you need, you may actually have to adopt more than one.
Glenn Fleishman has written about Mac networking for a decade, and is the author of Take Control of Screen Sharing in Snow Leopard (TidBITS Publishing, 2010).
Updated 11:20 PT 7/19/10 to correct editing error regarding iOS support and GoToMyPC.