Merge pull request #3965 from silversword411/master
Docs - fixing debugging, adding token notes
@ -1,4 +1,10 @@
|
||||
Youtube video about websockets: https://youtu.be/3vI4URd3VzU
|
||||
## Websockets Video
|
||||
|
||||
<div class="video-wrapper">
|
||||
<iframe width="320" height="180" src="https://www.youtube.com/embed/3vI4URd3VzU" frameborder="0" allowfullscreen></iframe>
|
||||
</div>
|
||||
|
||||
## Enabling trace in your browser Dev Tools
|
||||
|
||||
`Trace=1` as a parameter in chrome dev tools for debugging
|
||||
|
||||
@ -26,7 +32,7 @@ If you want to change node to meshcentral in journalctl, add this to /etc/system
|
||||
SyslogIdentifier=meshcentral
|
||||
```
|
||||
|
||||
## Logging it all
|
||||
## Server: Logging it all
|
||||
|
||||
To log everything that's possible, prepare the log directory.
|
||||
|
||||
@ -89,6 +95,8 @@ obj.fs.writeSync(obj.xxLogFile, new Date().toLocaleTimeString() + ' - ' + source
|
||||
|
||||
`log.txt` will now log everything in the Trace tab, but not formatted as nice.
|
||||
|
||||
## Restricting server to specific IP(s)
|
||||
|
||||
When doing debugging on my development server, I use this line in the settings section to block all agent connections except the agent I want:
|
||||
|
||||
```
|
||||
@ -97,9 +105,10 @@ When doing debugging on my development server, I use this line in the settings s
|
||||
|
||||
Of course, this is just for debugging.
|
||||
|
||||
|
||||
## Finding system ID types
|
||||
|
||||
<https://serverurl/meshagents>
|
||||
<https://serverurl/meshagents> aka trying figure out what this is
|
||||
|
||||
![ID](images/determine-id.png)
|
||||
|
||||
## General server statistics related
|
BIN
docs/docs/meshcentral/images/determine-id.png
Normal file
After Width: | Height: | Size: 19 KiB |
BIN
docs/docs/meshcentral/images/user_tokens1.png
Normal file
After Width: | Height: | Size: 203 KiB |
BIN
docs/docs/meshcentral/images/user_tokens2.png
Normal file
After Width: | Height: | Size: 166 KiB |
15
docs/docs/meshcentral/tokens.md
Normal file
@ -0,0 +1,15 @@
|
||||
# 14.1 Tokens
|
||||
|
||||
## User Tokens
|
||||
|
||||
![User Tokens 1](images/user_tokens1.png)
|
||||
|
||||
![User Tokens 2](images/user_tokens2.png)
|
||||
|
||||
## Software Integration Tokens
|
||||
|
||||
Currently, the login tokens in the user manual section 14.1 can't be tracked, deleted or revoked. They are generated with:
|
||||
|
||||
```bash
|
||||
node meshcentral --loginTokenKey
|
||||
```
|
@ -5,5 +5,5 @@
|
||||
## Video Walkthru
|
||||
|
||||
<div class="video-wrapper">
|
||||
<iframe width="320" height="180" src="https://www.youtube.com/embed/xfN3YbY6t7E" frameborder="0" allowfullscreen></iframe>
|
||||
<iframe width="320" height="180" src="https://www.youtube.com/embed/AzdKyzqmpIs" frameborder="0" allowfullscreen></iframe>
|
||||
</div>
|
||||
|
BIN
docs/docs/meshrouter/images/download-link.png
Normal file
After Width: | Height: | Size: 212 KiB |
BIN
docs/docs/meshrouter/images/login.png
Normal file
After Width: | Height: | Size: 453 KiB |
BIN
docs/docs/meshrouter/images/port_maps.png
Normal file
After Width: | Height: | Size: 274 KiB |
BIN
docs/docs/meshrouter/images/port_maps2.png
Normal file
After Width: | Height: | Size: 196 KiB |
BIN
docs/docs/meshrouter/images/port_maps3.png
Normal file
After Width: | Height: | Size: 220 KiB |
@ -7,3 +7,136 @@
|
||||
<div class="video-wrapper">
|
||||
<iframe width="320" height="180" src="https://www.youtube.com/embed/BubeVRmbCRM" frameborder="0" allowfullscreen></iframe>
|
||||
</div>
|
||||
|
||||
## Downloading
|
||||
|
||||
MeshCentral router is a Windows application that comes built-into the MeshCentral server or can
|
||||
be downloaded at: <http://info.meshcentral.com/downloads/MeshCentral2/MeshCentralRouter.exe>
|
||||
|
||||
It’s probably best to use the MeshCentral router that comes with your version of the MeshCentral
|
||||
server as the two will likely be most compatible. A given MeshCentral Router version may not
|
||||
work with any MeshCentral server versions. On MeshCentral, you can download MeshCentral
|
||||
Router with this link:
|
||||
|
||||
![Download](images/download-link.png)
|
||||
|
||||
_The router link will only show up on Windows browsers._
|
||||
|
||||
## Login
|
||||
|
||||
MeshCentral router will need to login to your MeshCentral server just like any browser. You can
|
||||
do this by entering the server name and account username and password. Depending on your
|
||||
server and account situation, you may see some or all of the following screens.
|
||||
|
||||
![Login](images/login.png)
|
||||
|
||||
If the second factor authentication is required, MeshCentral Router does not support hardware
|
||||
keys (WebAuthn), but does support the YubiKey™ OTP.
|
||||
|
||||
## Creating Port Maps
|
||||
|
||||
Once logged in, you can start adding port maps using the “Add Map…” and “Add Relay Map…”
|
||||
buttons on the bottom right. You can then create a map and open the associated application
|
||||
using the “Open…” button and remote to port map using the “Remove” button.
|
||||
|
||||
![port_maps](images/port_maps.png)
|
||||
|
||||
There are two different types of ports mappings. A normal port map and a relay port map. A
|
||||
normal port map will route packets to the selected destination computer that is running the mesh
|
||||
agent as shown here.
|
||||
|
||||
![port_maps](images/port_maps2.png)
|
||||
|
||||
A relay port map will route traffic thru the server and thru the remote agent to a target IP address
|
||||
on the remote agent’s network as shown here.
|
||||
|
||||
![](images/port_maps3.png)
|
||||
|
||||
Note that all traffic is encrypted using TLS from MeshCentral Router to the MeshCentral server
|
||||
and from the server to the MeshAgent. The server and the agent do have access the traffic so it’s
|
||||
recommended to use port mappings to tunnel data that is also encrypted for that end-to-end
|
||||
encryption is assured.
|
||||
|
||||
## Command Line Arguments
|
||||
|
||||
MeshCentral router can be run with command line arguments to make it quicker and easier to
|
||||
use. The arguments range from debugging to being able to quickly login and setting up port
|
||||
maps.
|
||||
|
||||
```bash
|
||||
-debug
|
||||
```
|
||||
|
||||
Causes MeshCentral Router to generate a “debug.log” dump file that can be useful for
|
||||
debugging.
|
||||
|
||||
```bash
|
||||
-host:<hostname>
|
||||
-user:<username>
|
||||
-pass:<password>
|
||||
-ignorecert
|
||||
```
|
||||
|
||||
This set of command line arguments make logging into the MeshCentral server easier. Note that
|
||||
specifying the password using a command line argument may not be secure as the command
|
||||
shell can record the password in the command history. The “ignorecert” argument is not
|
||||
recommended as it’s going to cause MeshCentral Router to ignore untrusted server certificates.
|
||||
This should only be used for debugging.
|
||||
|
||||
```bash
|
||||
-map:<protocol>:<localport>:<computername>:<app>:<remoteport>
|
||||
```
|
||||
|
||||
The “map” argument will automatically create a network map once MeshCentral Router is logged
|
||||
In. The protocol must be “TCP” or “UDP, the local port can be 0 for any. The computer name is
|
||||
the server-side name of the computer, if many computers have the same one, one of them will be
|
||||
selected. The app can be empty for a custom application, or can be “HTTP”, “HTTPS”, “RDP”,
|
||||
“PuTTY” or “WinSCP”. For the UDP protocol, no apps are currently supported so it should be left
|
||||
blank. For example you can use:
|
||||
|
||||
```bash
|
||||
-map:TCP:0:"MyComputer":HTTP:80
|
||||
-map:UDP:1235:"MyComputer"::1234
|
||||
```
|
||||
|
||||
The first example will map a random local port to port 80 of “MyComputer” and is expected for
|
||||
use with HTTP traffic. The second example maps local UDP port 1235 to port 1234 on
|
||||
“MyComputer”. It’s best for the computer name to be in quotes.
|
||||
|
||||
In addition to port mapping, you can also setup relay maps where a remote computer is used as a
|
||||
traffic relay like this:
|
||||
|
||||
```bash
|
||||
-relaymap:<protocol>:<localport>:<computername>
|
||||
:<app>:<remoteip>:<remoteport>
|
||||
```
|
||||
|
||||
This will relays a local port to thru the server and thru a remote agent to a target IP address and
|
||||
port. For example:
|
||||
|
||||
```bash
|
||||
-relaymap:TCP:555:"MyComputer":HTTP:192.168.1.1:80
|
||||
```
|
||||
|
||||
This will relay local port 555 to a 192.168.1.1:80 for HTTP traffic. A typical use of this is to be able
|
||||
to remotely configure a home router from anywhere on the Internet.
|
||||
|
||||
```bash
|
||||
-all
|
||||
```
|
||||
|
||||
The “all” switch will bind local ports to all network interfaces so that other computers on the
|
||||
network can use the port maps provided by MeshCentral Router. By default, local ports will be
|
||||
bound to the loopback interface so that only local application can use the port mappings.
|
||||
|
||||
```bash
|
||||
-tray
|
||||
```
|
||||
|
||||
The “tray” switch will place MeshCentral Router on the Windows system tray instead of the
|
||||
normal application bar.
|
||||
|
||||
## Conclusion
|
||||
|
||||
MeshCentral, MeshCentral Router and this document are all opens source and licensed using
|
||||
Apache 2.0, the full license can be found at <https://www.apache.org/licenses/LICENSE-2.0>.
|
||||
|
@ -6,7 +6,10 @@ nav:
|
||||
- install/index.md
|
||||
|
||||
- MeshCentral:
|
||||
- meshcentral/index.md
|
||||
- 'Index': 'meshcentral/index.md'
|
||||
- 'Tokens': 'meshcentral/tokens.md'
|
||||
- 'Assistant': 'meshcentral/assistant.md'
|
||||
- 'Debugging': 'meshcentral/debugging.md'
|
||||
|
||||
- Design and Architecture:
|
||||
- design/index.md
|
||||
@ -27,7 +30,7 @@ site_description: "A remote monitoring and management tool"
|
||||
site_author: "Ylianst"
|
||||
site_url: "https://git.meshcentral.com/"
|
||||
|
||||
dev_addr: "0.0.0.0:8006"
|
||||
dev_addr: "0.0.0.0:8010"
|
||||
|
||||
# Repository
|
||||
repo_name: "Ylianst/MeshCentral"
|
||||
@ -46,6 +49,7 @@ theme:
|
||||
- navigation.tabs
|
||||
- navigation.expand
|
||||
- navigation.top
|
||||
- navigation.instant
|
||||
- toc.integrate
|
||||
extra_css:
|
||||
- stylesheets/extra.css
|
||||
|