Skip to main content
davidinark
davidinark
New Member
May 28, 2013
Question

Google Remote Desktop?

  • May 28, 2013
  • 3 replies
  • 12343 views
We are a Google Apps shop and are trying to roll out Google Remote Desktop. I can connect to other sites/sessions, but I cannot seem to SHARE desktops from within our organization. We have a Fortigate 300C. I am not sure what policies I need to edit, nor where they would go, in order to make this work. Any ideas? According to Google, I should do the following, but I haven' t messed with specific port assignments in my Fortigate in this manner, so I appreciate any help! Thanks! Check your firewall settings Your computer' s firewall may be configured in a way that doesn' t let the app work properly. Verify that your firewall permits outbound UDP traffic, permits inbound UDP responses, and allows traffic on TCP ports 443 (HTTPS) and 5222 (XMPP).

    3 replies

    rwpatterson
    rwpatterson
    New Member
    May 28, 2013
    Unless they specify a UDP port or port range, I would hesitate to roll that out. HUGE security hole, in my opinion.
    davidinark
    davidinarkAuthor
    New Member
    May 28, 2013
    Thanks. I tried opening OUTSIDE > INSIDE all, all, all and it still didn' t work so obviously I have something else going on. Lovely.
    rwpatterson
    rwpatterson
    New Member
    May 28, 2013
    That will only work if you use public addresses on the inside and they are routeable. No way to get to private inside addresses unless you use a virtual IP address.
    rmorley
    rmorley
    New Member
    June 6, 2013
    So this is possible, I have done it. The way it works, is you configure your desktop first. That configures an instance of chrome to run as a service on the desktop. That service needs 80,443, and 5222 outbound to googles servers. The easiest way to find the correct protocols and port numbers for me, is to create an allow all outbound rule for the desktop, and watch the sessions on the firewall. That' s how I found out about 5222 (I think it was udp). This is just as much as a security hole as gotomypc is, or any other remote desktop. I would be most concerned about a mischievous person installing it on someone elses computer and being able to remote others. But I work for a school district where we have teenagers!
    Terms & ConditionsAccessibility statement