Forum Replies Created
-
Posts
-
This is a simple schema of how web sessions work:
JS/browser < internet HTTPS > nxhtd [ apache webserver ] <> nxwebrunner [ CGI app] <> nxwebplayer < NXD / SSHD > nxserver
so breaking this down:
1. JS/Browser — HTTPS [to nxhtd / apache web server ] – The communication between the browser and nxhtd is over HTTPS. This ensures secure transmission of data via the standard HTTP protocol.
2 NXHTD — NXWebRunner. NXWebRunner parses and validates the incoming messages from the client (sent via JS/browser)to nxwebplayer.
3 NXWebRunner — NXWebPlayer. NXWebPlayer acts as the daemon and is responsible for handling the communication flow between NXServer and NXWebRunner. NXHTD, NXWebRunner and NXWebPlayer are on the same host. They cannot be separated.
4 NXWebPlayer — NXD/SSHD – NXServer. NXWebPlayer is the intermediary between the web environment and NXServer, ensuring that all communication is correctly routed, formatted, and transmitted. Messages over this secure channel are in “NX protocol format” so nx or ssh. You can configure the web server to connect to a different nxserver, so on a different host. This could give you some separation.
You might also consider a reverse proxy (configurable in apache for example), but without knowing much about your specific requirements, it’s difficult to advise further. What I suggest you do is contact our sales team via the website so we can understand your requirements better and evaluate what NoMachine products and configuration is best for your environment.
Hello Steve92,
1) the flow would be like:
[ Browser/JS ] <= HTTPS => [ nxhtd / nxwebplayer ] <= nxd => [ nxserver ]
2) NX WebPlayer is a CGI
3) Yes, nxhtd and nxwebplayer have to be on the same machines.
If you replace nxhtd with “Your Own Apache Web Server” it still have to be on the same machine as nxwebplayer.Hello,
1 Please ensure that all machines are on the same network and that mDNS broadcasting is not blocked by a router or by having the machines on different subnets.
2 Verify that on the machines where other servers are not visible in NXPlayer, the option
Player Settings -> Security -> 'Don't show other computers on this LAN'is not checked.If steps 1 and 2 do not help, please proceed:
3 On a machine where other servers are visible and on a machine where the issue occurs (servers are not visible), please run the following commands in the CMD on both machines:
3.1 Check if the %HOME% environment variable is set by running:
echo %HOME%If it’s not set, you can set it with the following command:
set HOME=C:\Users\YourUsernameNote: Replace
YourUsernamewith your actual username.3.2 Execute the nxlocate -s command:
"C:\Program Files\NoMachine\bin\nxlocate.exe" -sNote: The path may be different depending on where NoMachine was installed.
You should see a similar output:
C:\>"c:\Program Files\NoMachine\bin\nxlocate.exe" -s 19308 8516 2024-06-03 17:46:32 022.453 Features/Features: WARNING! Can't open version file 'C:\Program Files (x86)\NoMachine\etc\version'. 19308 8516 2024-06-03 17:46:32 022.453 Features/Features: WARNING! Error is 2, 'No such file or directory'. 19308 8516 2024-06-03 17:46:32 022.453 LocateMain: Creating locate client. 19308 8516 2024-06-03 17:46:32 022.453 LocateMain: Running locate application.After this, type the following command and press Enter:
command=list,type=localWait at least 1 minute and then collect the output. During this time, all servers should show up as a response in CMD.
After at least 1 minute, please break by pressingCtrl + Cand send us the output.Send it directly to forum[at]nomachine[dot]com.
Repeat the above steps on both machines where it works and where it doesn’t.
It seems like your firewall might be blocking UPnP traffic from your router, which could prevent the router’s response to the UPnP request from reaching your machine.
If you’re using the default firewall on Linux Mint, which is typically ‘ufw’, you can allow incoming UPnP traffic from your router by executing the following command:
ufw allow from 192.168.1.1 port 1900 to any proto udpAfter allowing this traffic, you can initiate UPnP mapping by running:
/etc/NX/nxserver --upnpmapOnce done, UPnP should be operational on your machine. Remember to repeat this process on every machine where UPnP functionality is required.
Note: To find your router’s IP address, you can use the following command:
ip route | grep defaultIf you’re using any additional outer firewalls, ensure to add a similar firewall rule to allow UPnP traffic as mentioned above.
Hello ddrucker,
if the NoMachine network daemon (nxd) is configured on the server to listen on a different port, it’s necessary to modify the web connection settings as you probably already did.
But also it’s necessary to modify
client.crtfile.Assuming hots wasnt changed, and in Server Section is used
localhostor127.0.0.1,
but NXD port changed to 4400
”Update the client.crt file, on Linux
/var/NX/nxhtd/.nx/config/client.crt, to have:Host:localhost 4400 -----BEGIN CERTIFICATE----- (...) -----END CERTIFICATE----- Host:127.0.0.1 4400 -----BEGIN CERTIFICATE----- (...) -----END CERTIFICATE-----Please check article bellow for more details,
Hello k.gorbachev,
ensure that ownership (nxhtd:nxhtd) and permissions (700, on Linux and Mac) are preserved for the new connection file.
Please check by executing:
ls -lah /usr/NX/share/configTo set proper ownership and permissions on Linux or Mac:
chown nxhtd:nxhtd cfm.nxs chmod 0700 cfm.nxsFor instructions please see: https://knowledgebase.nomachine.com/DT11R00193
Hello Girgburg,
you wrote:
but when I try to replace “none” with “for users connecting with the NX protocol”
to be sure, can you please make sure that key
EnableUPnPin server.cfg is set only toNX,
so the whole line would looks like:EnableUPnP NXif not, please change to be like above.
UPnP/NAT-PMP port mapping is enabled by default in NoMachine (free) version
Please also make sure that on your router device, UPnP is enabled.
If not, you will have to enable UPnP.Then on Windows: start cmd.exe as root (Administrator) and execute those commands
# To start port mapping:
"C:\Program Files (x86)\NoMachine\bin\nxserver.exe" --upnpmap#To display status and ports:
"C:\Program Files (x86)\NoMachine\bin\nxserver.exe" --upnpstatusHello jxu,
we would need to collect debug logs.
Restart router, wait till it finish and repeat all the steps on both machines, Linux and Mac:1 Enable debug and restart nxserver:
”
sudo /etc/NX/nxserver –debug –enable all
sudo /etc/NX/nxserver –restart
”2 Reproduce the problem
”
sudo /etc/NX/nxserver –upnpmap
sudo /etc/NX/nxserver –upnpstatus
”3 Collect logs and disable debug:
”
sudo /etc/NX/nxserver –debug –collect
sudo /etc/NX/nxserver –debug –disable all
sudo /etc/NX/nxserver –restart
”4 Please send to us also server.cfg files from both machines, Linux and Mac.
This article explains how to collect the logs: https://knowledgebase.nomachine.com/DT11R00181
Please attach logs to your reply here or you can send them to forum[at]nomachine[dot]com making sure to use the topic’s title in the subject.Hello jxu,
– as first stop/disable zerotier service.
– then to disconnect its interface please try this command:
”
nmcli device disconnect ztbpamnldl
”– check if this interface id disconnected, by:
”
nmcli device status
”when all goes ok, and there will be only one interface enabled/connected,
restart nxserver, reproduce and please let us know if this helps:”
sudo /etc/NX/nxserver –restart
sudo /etc/NX/nxserver –upnpmap
sudo /etc/NX/nxserver –upnpstatus
“Hello jxu,
on Linux machine I see those 2 interfaces
”
wlp2s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.0.7 netmask 255.255.255.0 broadcast 192.168.0.255ztbpamnldl: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 2800
inet 10.147.19.222 netmask 255.255.255.0 broadcast 10.147.19.255
”could you please, for test purpose, disable/remove ‘ztbpamnldl’ interface,
so there will be only one ‘wlp2s0’ like on Mac os.May I ask what is this ‘ztbpamnldl’ interface?
Then restart nxserver, reproduce and please let us know if this helps:
”
sudo /etc/NX/nxserver –restart
sudo /etc/NX/nxserver –upnpmap
sudo /etc/NX/nxserver –upnpstatus
“Hello jxu,
we would need some more information:
Can you describe the network infrastructure
– router model / version
– is there more than one router / network interfaces on which Linux machine is connected?
– are both machines connected to the same router, both over wifi/lan or mixed?To list all interfaces on Mac and Linux, you can execute in terminal following command and show here the ouput:
”
ifconfig -a
“Hello Fedour,
we do not support UPnP for IPv6
You will have to configure the router manually through its administrative interface and set there Port Opening/Port Forwarding.
Some general guidelines you can find in this article:
https://www.nomachine.com/AR10R01099#2.3Hello cadavis22,
we could not reproduce this issue.
Could you try gather logs with steps from here?
https://www.nomachine.com/DT10O00162#1It must be done in cmd as administrator user.
After enabled logs, please reproduce issue, and then gather the logs.
Please send to us also htd.cfg and server.cfg configuration files.If it is possible, could you try nxplayer to connect to the same host,
to see if this works?Please send the logs to forum[at]nomachine[dot]com using the title of this forum’s thread as the mail’s subject.
Hello ziomario,
There is known issue, when you change GW port from GUI, and after that changed service status, like restart/stop/start, it won’t save that port.
However, when you change GW port from GUI and then simply “go back”, without changing service’s status, it should works.
So if you could please try this one – open GUI, change GW port, and just after it simply “go back”. Then return to that section and check if changes was saved?
For other ways how to change GW port please refer to https://www.nomachine.com/AR10R01099#4.1
Hello ziomario,
may I ask what version are you using, and if it is not not the latest one could you upgrade to the last one?
We recently fixed a problem with UPnP portOtherwise please tell us on what Os does it happen, how exactly do you change “Gateway” port,
and how do you check it use old one [ by calling ‘nxserver –upnpstatus’ command maybe? ].