Gather the following pieces of information:
- The public (external or WAN) IP address assigned to your router by your Internet service provider. You can find this in your router's configuration settings, by contacting your service provider, or by simply visiting a Web site designed to report your IP address such as whatsmyip.org.
- The public (external or WAN) port numbers on your router that Screens will connect to. Screens connections will be forwarded from these public port numbers on your router to ports 5900 and 22 on the computer Screens will be connecting to.
- The IP address assigned by your router to the computer you wish to connect to. To find this, you can launch Terminal.app and enter the following command:
This will return results including something like:
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet6 fe80::47:406c:5093:bfc5%en0 prefixlen 64 secured scopeid 0x5
inet 192.168.1.5 netmask 0xffffff00 broadcast 192.168.1.255
The key information to look for among all the data you will see are the "en0" part and the "inet" part. Immediately following "inet" is where the IP address is listed.
With this information in hand:
- Open the Screens Connect menu and click Preferences.
- Select Use public port number.
- Enter the public port number discussed above. Note that, to help you configure router settings, Screens Connect provides the suggested private IP address and private port number that your public port you should forward to.
Configuring Your Router and Computer
If you've already configured port mapping on your router, you may skip the next two steps.
Step 1: Set a Static IP Address
- On the Mac you intend to connect to, open System Preferences.
- Click Network.
- Select the network you use for Internet access (in the following screenshot, this is Highland Park on Wi-Fi).
Under Configure IPv4, select Using DHCP with manual address.
Enter an IPv4 Address. (In the following screenshot, 10.0.1.7 is used.)
- Click Apply to activate the change.
To learn more about static IP addresses, please refer to Apple's support article on the topic: https://support.apple.com/kb/PH25448
Step 2: Manually Configuring Your Router's Port Forwarding Feature
Below, we'll demonstrate how to use Apple's AirPort Utility to manually configure your router's port forwarding feature. (Note that AirPort Utility is for use only with Apple routers.) This method will differ from one router to another, and from one manufacturer to another, so we strongly suggest referring to the port forwarding guide at Port Forward. This guide includes detailed instructions for many router brands and models. (Once you select your brand and model on the site, look for instructions regarding VNC (Screen Sharing) or SSH (Remote Login) under Step 4 > Application).
For the purpose of this example, we will open public port 59107, but you could use any port allowed by your router. Keep in mind that when selecting a port number, other software or services may be using the number you choose. To avoid potential conflicts, select a port number larger/higher than 1024. This Apple support document can further guide you in port number selection:
- Open Airport Utility,
- Select the router to be configured.
- Click the Edit button.
Select the Network tab.
Next to Port Settings, click on the [+] button to add a new mapping.
- Under Description, select Screen Sharing - VNC.
- Set the Public UDP and Public TCP to the desired public port number (in the following screenshot, 59107 is used).
- Enter your computer's Private IP address so that the router knows to which computer Screens traffic should be forwarded. (In the following screenshot, 10.0.1.7 is used.)
- Set Private UDP and Private TCP to 5900.
- Click Save when you're done. You should now see your new port setting. Click Update to apply the changes to your router.
Option A: Port Forwarding to Screen Sharing (VNC)
This example assumes that we want to connect directly to the Screen Sharing service.
- Under Use public port number, enter a valid port number (in the screenshot below, 59107 is used).
- Under General, make sure that Use Remote Login (SSH Tunneling) is disabled.
Option B: Port forwarding to Remote Login (SSH)
If, in Screens Connect's Preferences settings, you chose to use a secure network connection, the configuration is similar.
- From the Screens Connect menu, open the Preferences window.
- Click General, then select Use Remote Login (SSH Tunneling).
- Click Advanced, then select Use public port number.
- Enter a valid port number that Screens can connect to. In the following screenshot, 2299 is used, but you can use any port allowed by your router.
- Under Description, select Remote Login - SSH.
- Set the Public TCP to the desired public port number (in the following screenshot, 2299 is used).
- Enter your computer's Private IP address so that the router knows to which computer Screens traffic should be forwarded to (in the following screenshot, 10.0.1.7 is used).
- Set Private TCP to port 22.
- Click Save when you're done.
Forwarding Multiple Ports
If you want to set up Screens connections to more than one computer residing on the same local network, note that each of those computers requires its own dedicated public port number. A port forwarding rule must be configured on your router for each computer you wish to connect to. For example:
- For Screens to reach a computer named "Luana's Mac", set a port forwarding rule to send Screens connections intended for this machine from external port 59107 to that machine's port 5900.
- For Screens to reach a computer named "Luc's Mac", set a port forwarding rule to send Screens connections intended for this machine from external port 59108 to that machine's port 5900.
- and so on
Manual Configuration with Older Versions of Screens Connect
If you have other Macs running older versions of Screens Connect, you'll find specific instructions here.