For all those finding a 502 Bad Gateway error after setting this up, Here's a quote of the solution provided in the comments by @Yellowfever - so thanks to him for this. "Anyone getting 502 Bad Gateway with Nginx Proxy Manager? Here is the fix that worked for me Navigate to "cd /etc/rport" and then nano into rportd.conf. Go down to Cert File and Key File and remove the paths for the entry. Reboot the server. This will put the server into http mode. log into nginx reverse proxy manager and select HTTP instead of HTTPS and use HSTS. Should fix your issue"
Thanks for a video's. I thought it was just remote software. When I saw that you could monitor devices and see what is happening that sold me champ. We are small MSP and just getting started and this help us with our clients.
Super glad it helped out! Keep in mind, that as your company grows, keeping open source in business is done through donations, and paid subscriptions for more features. Best to you!
Very interesting. I have been using Solarwinds RMM for a while and been very pleased with their solution. It is however pricy so recently started looking into building our own alternative. Been looking at TacticalRMM, but there were some VERY unfortunate incidents with the application and its developer. Mesh Central, Zabbix and UVDesk seemed like an alternative to Solarwinds, but after seeing this video I would seriously consider replacing Mesh Central with Rport. Awesome stuff.
RealVNC, the most secure remote access solution on the market, has acquired RPort. RealVNC is fully committed to an open-core approach and the foundational RPort engine, which will remain open source. RealVNC will offer more advanced features as paid "plugins". Current RPort users can expect updates to the open source core along with options to extend it into a commercial product, all with the level of professional technical support that RealVNC has become known for.
Options like Rport, Meshcentral, and TacticalRMM are great. It feels like I lose nothing by going open source. I've not touched windows in my home for several years and almost everything I run but my nvidia driver and steam is open.
NVidia is starting to provide some open source drivers as well, so it's moving the right direction. Super glad Open Source is able to provide you the tools you need.
Zabbix is a monitoring solution. So it just monitors other systems, and can provider alerts / notifications and data when something is happening that you may not want to happen. CPU reaching max for extended periods, or Drives starting to go bad, etc. MeshCentral is an RMM (Remote Machine Management) tool, so it's for accessing and managing machines remotely (kind of like RDP but way better). RPort, has sadly gone closed source, so I can no longer recommend it as an option.
@@AwesomeOpenSource I use RPORT a lot when doing pentesting for companies. Strange choice for this company to choose the name RPORT because it’s in use for about 16 years that Metasploit exists
Great video and instruction. I just a test lab and worked like dream straight off the bat man. Question. To remote to a client do you have setup a Tunnel everytime?
really, you tell rport server to ask the client to create the tunnel... but yes. You can create a tunnel that is always on by unselecting the timers on the tunnel creation page, but that starts to defeat the whole security aspect a bit.
I saw that there is Docker container Rport. I want to know if you know about it and would it be different than the one you are demonstrating in your video?
I mention that there are a couple of containers made by individuals for RPort, but their setup was a bit "wonky" IMO, so I decided to go with a "bare metal" install of it. Feel free to give those containers a shot though. I would love to see the RPort folks make a container and use environment variables for all of the things that need to be setup.
If the container is not from the people behind RPort, I would avoid it for production use, perhaps avoid it all together, as you really can't know what has been backed into the container.
realvnc, after acquiring rport, committed to maintaining the opensource software and that was not what happened, they dismantled the opensource and are charging for the software, a shame congratulations realvnc for not complying with what was passed when purchasing the software
I actually purchased thinking rPort was still available. When I found out I couldnt use it, I unfortunately had to demand a refund. I'm all for supporting, but when you took away something that worked, that ticked me off. Sucks. I miss rPort. The REAL rPort.
This looks good!!! What is the minimum /recommended LXC i need to create for this? Also, I would like to use it to some SSH servers only (I don't want to install any clients), will it work?
Hey man, I've been battling this for a few hours now. But basically once I enable Force SSL in my Nginx Proxy manager I get a 502 bad gateway response. This means I can not reach rport over the internet and thus can also not connect any clients. Do you have any tips?
I'm actually facing the same issue. I think they changed something with the latest update. So, instead of using the LetsEncrypt certs inside NGinX Proxy Manager, I'm gonna grab the cert files and put them on the rport server directly where it has the self signed certs currently to see if that will work. The other options, which I have done already is to put it on a $5 droplet on Digital Ocean, Linode, something like that, and point your subdomain to the public IP of your DO droplet.
@@AwesomeOpenSource AH thank god I am not the only one. Please let me know if your idea of grabbing the cert files from Nginx proxy manager and putting the on the rport server worked!
@@AwesomeOpenSource Did you have any luck? I have tried using the LetsEncrypt certs from NPM inside of the rport server but it did not work out for me unfortunately..
I was very excited to use RPORT and out of everything I have tried so far it works the best. I have one gripe though. You have the ability to save scripts, but you can't select a saved script and then run it against a device or multiple devices. Under library, you can find the scripts that you have saved, but under the scripts tab you cannot select a script from the library. It looks like the process is to go to your library, copy your saved script then go to the scripts tab and paste it, selecting the devices. Unless I am mistaken? I would love to be wrong and that this functionality exists.
I believe you can select the scripts you have saved, and just select the devices to use it on. Here's a video of how it works... blog.rport.io/2021/09/efficient-windows-patch-management-with.html
Really great video about this really great open source solution. I installed the server on a small cloud server with 1 vcore and 512 MB ram, so I don‘t have to use nginx proxy manager and so there is no need to open a port. In addition to your video it is possible to connect to an internal client without the rport-client installed on it if you establish a farwording tunnel with a client to an other ip address. Fantastic stuft! The only thing I didn‘t get running is using selfhosting vaultwarden (with certificates created with openssl for https) through rport - connection through a not ending tunnel not possible with the vaultwarden client. I have a cgnat internet connection (Deutsche Glasfaser) and I would like to use vaultwarden.
It sounds like you are doing some amazing things with RPort already. I'm not sure how you might do that with VaultWarden though. I think something like Wireguard might be a better option in that case, especially from mobile.
You have a few options. If you have a public IP that changes regularely, then you might want to setup a DuckDNS account ( have a video on that too at ruclips.net/video/Dm5MyuUdq2s/видео.html ), and this will give you a URL that then updates to your new public IP. You could also setup an overlay network using something like ZeroTier or TailScale, and use that to access the device by hostname on the network, but it would require all devices to be on that same overlay network (essentially creating a LAN over the Internet). This is the ideal way if you are behind a double-NAT. If you have a public IP that changes only when your modem loses power, you could just set the A record for your domain, and when the IP changes, go update the A Record accordingly.
Go daddy have api and tokens with a simple script checks your ip if different updates go daddy mine runs on a Linux machine works 100% and yes my ip changes with bt cronjobs every 30s never failed me
Unfortunately, RPort is no longer open source. The install-on-premises website says: RPort open-source has been dicontinued 2023-09-20. The RPort installer and the server executable will require a valid license... 😠
amazing tool, but i can't make it Works, i'm getting this error when i try to connect direct a client through cloudflare to a vps: websocket: bad handshake. anybody had to deal with it?
Is that a cloudflare error? IF so, it may be an issue with TLS. I know someone said, that just after I released this, the next version required a higher level of TLS.
After this video, RPort released an update reuqiring TLS v1.2 or 1.3, and you need to set that in the proxy on the custom locations page I believe. Someone else posted about it in one of the comments. You might give that a shot.
Hmmm, for some reason the Rport server bash script says it's running but it's not accessible at all, the UI doesn't load, I use Traefik as a proxy and I figured it could be that I needed to add extra configuration although that was not the case. I temporarily opened all ports on the router and even then nothing loaded. Not sure what could be causing this issue. I fully read through your documentation. Machine: ARM64 Running in Oracle Cloud. Yes, I checked the official documentation, it says the following: "Clients are available for Linux, Windows, Mac with support of many architectures like ARM and MIPs." - Client Installation (Section) Any help would be appreciated.
I know that just after this video they made an update that now requires TLS 1.3 for SSL connections, so that had to be specified in NGinX, you may need to do the same in Traefik.
Great find there. Maybe useful for MSP's so I'll have to research it further. Too bad there's no docker version though. Also, would be helpful if you added a Windows client as the majority of users will be Windows.
I really do understand the desire to see it on Windows, I just simply don't have a windows system to test on right now. In the middle of a re-org on my virtual servers, and Windows is just a hassle to setup, so haven't done it yet. But, yes, this is definitely aimed as a tool for MSPs. Their pages have some great ways you can use RPort for all kinds of things beyond the little I showed.
Good video thanks for introducing this project. I have a question I want to install this service on my intranet is there a way to do this? I have tried to do some configurations but it gives SSL certificate errors. Thanks for attention :)
Does NGINX Proxy Manager run in docker alongside the normal /etc/nginx location and just modify configs to/from /etc/nginx as needed? Or is it intended to be the only NGINX running on the server with all domains hosted within it?
I believe NGinX Proxy Manager is seprate from normal /etc/nginx. You really are using the environment inside the container with NPM. You can run both, though the configuration may get a bit messy as you build out, just depending on how you're running things.
I'm bummed, it looks like they don't yet support Ubuntu Impish Indri. Went through the install script and it died on downloading the rport-guacamole file as there is no version for Impish Indri. Hopefully when they release 0.6.0 that support will be added.
@@AwesomeOpenSource Took your advise and posted. Received a response almost immediately. Apparently they only support LTS releases. With 22.04 around the corner, they will be supporting it. They also made a suggestion on how to skip past the missing dependency download - guacamole proxy server. I'll give it a try.
Hi, very interesting. I've followed your video but instead of using a proxy, I would like to use the cloudflared tunnels. Do you by any chance know out to configure them? The server is already recognized and is up and running but the client's access speacilly in windows isn't connecting to it, says "Can't connect to port 8000". Any help is much appreciated. Thank you
I'm not familiar with how the cloudflare tunnels are setup or work. I know there are several tutorials out there on how to get them running though. For this, it should work, but I don't know how that would need to be set up.
Running it inside my network, yes, I had to port forward (in my case I did 20000 - 20050), but yes that's a port that will be randomly used by a client when you want to create a tunnel. The way I understand it to work is that you initiate a tunnel creation request to the client, then the client actually creates a tunnel back to the server and uses one of those ports.
I've used your tutorial to install Rport and everything worked good for a moment then I realized that when i type in my vaultwarden url it goes to the rport site. I know its something with the port forwarding rules in pfsense. Do you have any advice on how to setup port forwarding in pfsense for this? I can only get one or the other working (vaultwarden or Rport).
I setup many external servers with my RPort install at the time. Everything worked with no issues for me, but don't recall if I was using CloudFlare for that proxy or not. I don't use it for a lot of my personal stuff. Are you having issues with it?
In the Settings area, you'll see on the left hand side a place for client groups, and you can add new ones there, then assign your clients to that group as well.
As per your instructions I have installed the rport server... But when I trt to login server unable to connect or unreachable... I didn't change domain name and didn't use proxy.
I helped someone earlier, so if you used the default entry for the domain, that's hwere rport expects to be connected at, so set it to a local domain if you haven't already). If you are running it on the same machine you are trying to access it from, you'll login at localhost:5000, otherwise you'll have to figure out the IP and try that.
Another really good video. I will admit I skipped bits so may have missed part that's answers my question... Is the right click to paste support on a SSH connection via rport?
I imagine it depends on what application you choose to use for the actual session. With Remmina, I'm sure paste functions work well in Linux (or in a terminal, etc), but not sure from the Chrome SSH Shell extension I mentioned for Windows, as I don't have a Windows machine to test with.
hi man, really thankful for your tutorial, I do not have any proxy setup which confused me how I do it. I've a cheap RackNead VPS and I want to set up rport. but failed. even though everything went normally, but when I try to access the admin page through the domain name which I've setup, its just cant access.
I haven't. Saw a few posts about others building their own, but it needs some static variables set before you build it as I recall... so a bit of a pain, unless they've made it easier recently.
I have raised and set up rport server in my local network. Can I just download client, install it offline (with no Internet access, just intranet ) on any of my servers and get RDP access to it from any other machine in my network?
What do you use to control your Android TV? I use currently Atjeews+WebFolder. It generally works well, but I always look in new tools, and I am sure you know them.
Can you suggest me a Tool like this for Mobile Device Management (MDM) and for Windows (Active directory Users) auditing like ManageEngine ADAudit Plus?
@@AwesomeOpenSource sure no problem, I have seen some too, but at the end they are lacking or asking for subscription. I will wait for your response, Thank you ☺
I used a reverse proxy for the web UI, and then forwarded ports 8000 and 20000 - 20050 on my firewall to the IP of the host machine. If you're not using a reverse proxy, you'll also have to forward port 5000 to your host machine.
Thank you for your amazing tutorial, I got one problem i hope you can help me to fix it. When i tried to add a tunnel via VNC a message pup-out (Port 5900 is not in listening state.).
I don't. I'd need more detail on your setup. If you want to jump to discuss.opensourceisawesome.com and ask in the Help-Me-Please channel, I'm sure we can help you out.
Anyone getting 502 Bad Gateway with Nginx Proxy Manager? Here is the fix that worked for me Navigate to "cd /etc/rport" and then nano into rportd.conf. Go down to Cert File and Key File and remove the paths for the entry. Reboot the server. This will put the server into http mode. log into nginx reverse proxy manager and select HTTP instead of HTTPS and use HSTS. Should fix your issue
With so little information, it's hard to know, but if you'll go to discuss.opensourceisawesome.com and message in the general channel, I'll see if I can help you.
Great video ( another one :-D ). upon setting up everything can't get it to work behind CF. exposing the public ip gets everything going but as soon as i proxy it its a no go. Any special step on this?
Look further down in the comments, as someone else experienced this and gave a potential solution. RPort changed some of their stuff a month or so after this video was made, which made this issue come up. I am doing an update video in a few weeks, and I'll try to cover how to deal with this as well.
Hi I loved your video a lot, I Just followed your setups and I can connect the remote system using SSH But , unfortunately VNC is not working for any remote system, I am using Ubuntu server and client both side. Gettting error "Failed to connect server". Not user if browser security is not letting me connect. Failed when connecting: Connection closed (code: 1006) Please sugeest
If it's a Ubuntu Desktop, then open the System Settings, and find the Sharing section. Enable Sharing, and enable VNC / Remote Connections, and enter a password.
@@AwesomeOpenSource i have a vps with terminal access only i cant access desktop for that i want to enable vnc so that i can use desktop i can use termial any wiki link how to enable vnc through terminal ?
They give you a bash script to add linux / unix / mac clients, and a powershell script for the Windows clients. When you create the client access it will show you both scripts, just highlight and run the powershell one on Windows machines.
Hi If anyone else is getting 502 error using NGNIX , this would be the reason why as per RPORT We discontinued the support of weak TLS. Make sure nginx uses TLS 1.3 to connect to the rport sever or switch of encryption if nginx and rport are running on the same host. Does anyone know how to configure Ngnix Proxy manager to use TLS 1.3 ?
@@AwesomeOpenSource You mean at the "advanced tab"? Also If I add this part, all I got is a "Welcome to OpenResty!" page and still unable to reach the server from the internet. Local ip/dashboard works, but no luck with remote access. (port forward/reverse proxy etc configured so my only assumption is this TLS 1.3 issue...)
They have an uninstall command on the site I linked. You can find the information here kb.rport.io/digging-deeper/advanced-client-management/uninstall-the-rport-client. Hope it helps.
I have been a Guacamole user since before the Apache Incubator, it is awesome. I just started testing Rustdesk... it totally stumped me at first since there is no web-ui initially. But I am looking at integrating it with TacticalRMM. Great videos, thanks.@@AwesomeOpenSource
Oh, seen it. Tactical is a full on RMM, but this one is more an advanced guacamole, minus the clientles/agentless setup. Am still not sure how well it compares to Meschentral, but i would guess meshcentral has alot more functions, but this has way better ui.
Tactical RMM seemed good if you only have windows clients, but they are lacking in Linux / Mac support from what I've seen recently look at it. MeshCentral is terrific if you want desktop access without having to use a 3rd party app on the server side. I use it still today because it's just a really easy way to get access. What RPort offers me is a really nice view of the machines / devices and their stats (Memory, CPU, Disk usage, Network stats), and it can create a tunnel to connect through as needed, which is really nice. The inventory view of all of this data is super nice as well, so for me MeshCentral is about getting connected easily, and RPort is about RMM machine stats.
I'm definitely a wordy guy, but I hope you get something from the meat of the content at least. I do definitely provide long-form content. If you're looking for shorter form channels I'd suggest @TechnoTim, and maybe @DBTech for more condensed content.
I installed the client and I get the following error: Detected Linux Distribution: Ubuntu 20.04.4 LTS * Trying 104.21.64.160:8000... * TCP_NODELAY set * Trying 2606:4700:3034::ac43:9882:8000... * TCP_NODELAY set * Immediate connect fail for 2606:4700:3034::ac43:9882: Network is unreachable I guess I have to open up port 8000 to the RPORT server?
Hello Is it possible to use rport only in local LAN? I'm getting an error during the Debian 11 installation phase. [-] Your public IP address xx.xx.x.. [*] System uses NAT [!] Random FQDNs are only generated for systems with a public IP address. [>] If this system is behind a one-to-one NAT (Azure, AWS EC2, Scaleway, GPE) use '--skip-nat' [>] If your are behind a NAT with a dynamic IP address provide a FQDN with '--fqdn' [!] NAT detected [=] Fatal Exit. Don't give up. Good luck with the next try.
I feel like I was able to access it via IP only. Not sure about it running as a local only. But if you setup your local domain it should work I believe.
Nice Video, Just about when the install is finishing I get the following error [-] Configuration file /etc/rport/rportd.conf written. touch: cannot touch '/var/lib/rport/user-auth.db': No such file or directory We are very sorry. Something went wrong. Command 'touch "$DB_FILE"' exited erroneous on line 1129. Try executing this installer or update with bash debug mode. bash -x rportd-installer.sh
For all those finding a 502 Bad Gateway error after setting this up, Here's a quote of the solution provided in the comments by @Yellowfever - so thanks to him for this.
"Anyone getting 502 Bad Gateway with Nginx Proxy Manager? Here is the fix that worked for me
Navigate to "cd /etc/rport" and then nano into rportd.conf. Go down to Cert File and Key File and remove the paths for the entry. Reboot the server. This will put the server into http mode. log into nginx reverse proxy manager and select HTTP instead of HTTPS and use HSTS. Should fix your issue"
key thing here. Before you go about fixing this issue and rebooting your server, copy the username and password that was generated. 😒
He did a very good job imo. Explaining the basics step by step. English is not my first language and I have no experience in using DAWs
Thank you. Glad you enjoyed it.
Thanks for a video's. I thought it was just remote software. When I saw that you could monitor devices and see what is happening that sold me champ. We are small MSP and just getting started and this help us with our clients.
Super glad it helped out! Keep in mind, that as your company grows, keeping open source in business is done through donations, and paid subscriptions for more features. Best to you!
Very interesting. I have been using Solarwinds RMM for a while and been very pleased with their solution. It is however pricy so recently started looking into building our own alternative. Been looking at TacticalRMM, but there were some VERY unfortunate incidents with the application and its developer. Mesh Central, Zabbix and UVDesk seemed like an alternative to Solarwinds, but after seeing this video I would seriously consider replacing Mesh Central with Rport. Awesome stuff.
Yep, RPort is an awesome tool!
RealVNC, the most secure remote access solution on the market, has acquired RPort. RealVNC is fully committed to an open-core approach and the foundational RPort engine, which will remain open source. RealVNC will offer more advanced features as paid "plugins". Current RPort users can expect updates to the open source core along with options to extend it into a commercial product, all with the level of professional technical support that RealVNC has become known for.
I just saw this too. Kind of interesting news I must say.
Thanks to bring up to us these great videos!!
My pleasure!
Love finding new tools! Thank you for this !
You bet!
Options like Rport, Meshcentral, and TacticalRMM are great. It feels like I lose nothing by going open source. I've not touched windows in my home for several years and almost everything I run but my nvidia driver and steam is open.
NVidia is starting to provide some open source drivers as well, so it's moving the right direction. Super glad Open Source is able to provide you the tools you need.
I just came back to this awesome video after years just to realize that they closed sourced it. How unfortunate. :(
indeed it's a shame
What use case would prefer for Zabbix, Mesh Central, and RPort? Maybe you could make a comparison video?
Zabbix is a monitoring solution. So it just monitors other systems, and can provider alerts / notifications and data when something is happening that you may not want to happen. CPU reaching max for extended periods, or Drives starting to go bad, etc. MeshCentral is an RMM (Remote Machine Management) tool, so it's for accessing and managing machines remotely (kind of like RDP but way better). RPort, has sadly gone closed source, so I can no longer recommend it as an option.
the best would be to have the scirpting part wokring on meshcentral like it works here..
Indeed, the scripting on RPort is pretty awesome.
Good Video , FYI- IP exposed on cloudflare @ 9.42
Thanks. I do what I can to hide it, but it's ok if it gets out there, I can change it just by hard rebooting my ISP modem.
RPORT and LPORT favorite commands in Metasploit for me
Yeah, it's really hard to google for 'Rport' because it gives those results, or wants to change it to 'report'.
@@AwesomeOpenSource I use RPORT a lot when doing pentesting for companies. Strange choice for this company to choose the name RPORT because it’s in use for about 16 years that Metasploit exists
It would be nice to have feature comparison of each remote server.
I may do a round up later, and see about giving a good comparison between them.
@@AwesomeOpenSource Thx
Simply awesome
Indeed it is.
Great video and instruction. I just a test lab and worked like dream straight off the bat man. Question. To remote to a client do you have setup a Tunnel everytime?
really, you tell rport server to ask the client to create the tunnel... but yes. You can create a tunnel that is always on by unselecting the timers on the tunnel creation page, but that starts to defeat the whole security aspect a bit.
I am loving your channel!
I'm so glad to hear that! Thank you.
great video, thanks again
Glad you enjoyed it
Muito bom esse video ( Very good video, hello from Brasil!!!)
Thank you very much.
I saw that there is Docker container Rport. I want to know if you know about it and would it be different than the one you are demonstrating in your video?
I mention that there are a couple of containers made by individuals for RPort, but their setup was a bit "wonky" IMO, so I decided to go with a "bare metal" install of it. Feel free to give those containers a shot though. I would love to see the RPort folks make a container and use environment variables for all of the things that need to be setup.
If the container is not from the people behind RPort, I would avoid it for production use, perhaps avoid it all together, as you really can't know what has been backed into the container.
You should take a look at teleport 👍
I intend to do just that. I haven't gotten to it yet, but it's on my list.
realvnc, after acquiring rport, committed to maintaining the opensource software and that was not what happened, they dismantled the opensource and are charging for the software, a shame congratulations realvnc for not complying with what was passed when purchasing the software
Yeah, I hate to see a great bit of open source software go the way of the dodo (IMO) and go closed source. Just a shame.
I actually purchased thinking rPort was still available. When I found out I couldnt use it, I unfortunately had to demand a refund. I'm all for supporting, but when you took away something that worked, that ticked me off. Sucks. I miss rPort. The REAL rPort.
Fantastic.😀
Glad you like it.
This looks good!!! What is the minimum /recommended LXC i need to create for this? Also, I would like to use it to some SSH servers only (I don't want to install any clients), will it work?
I did one with 2 G RAM, and it worked fine.
I have question on the portforwarding : do u forward (or proxy?) the ports 80, 443, 5000 AND 8000 and 20000-20050 via nginx proxy manager, too ?
I proxy 80, 443, 5000, and port forward 8000, 20000-20050.
@@AwesomeOpenSource I ended up proxying 8000 to a sub location as the port forward wasn't working for some odd reason.
Hey man, I've been battling this for a few hours now. But basically once I enable Force SSL in my Nginx Proxy manager I get a 502 bad gateway response. This means I can not reach rport over the internet and thus can also not connect any clients.
Do you have any tips?
I'm actually facing the same issue. I think they changed something with the latest update. So, instead of using the LetsEncrypt certs inside NGinX Proxy Manager, I'm gonna grab the cert files and put them on the rport server directly where it has the self signed certs currently to see if that will work. The other options, which I have done already is to put it on a $5 droplet on Digital Ocean, Linode, something like that, and point your subdomain to the public IP of your DO droplet.
@@AwesomeOpenSource AH thank god I am not the only one. Please let me know if your idea of grabbing the cert files from Nginx proxy manager and putting the on the rport server worked!
@@AwesomeOpenSource Did you have any luck? I have tried using the LetsEncrypt certs from NPM inside of the rport server but it did not work out for me unfortunately..
@@leon1997leon Having the same problem :( Popping a comment here to get notified if you come up with a solution
@@AwesomeOpenSource Any update on this? Maybe we can ask for support over on their website
I was very excited to use RPORT and out of everything I have tried so far it works the best. I have one gripe though. You have the ability to save scripts, but you can't select a saved script and then run it against a device or multiple devices. Under library, you can find the scripts that you have saved, but under the scripts tab you cannot select a script from the library. It looks like the process is to go to your library, copy your saved script then go to the scripts tab and paste it, selecting the devices. Unless I am mistaken? I would love to be wrong and that this functionality exists.
I believe you can select the scripts you have saved, and just select the devices to use it on. Here's a video of how it works... blog.rport.io/2021/09/efficient-windows-patch-management-with.html
@@AwesomeOpenSource the latest release doesn't offer the same functionality as they show in the video. Can't load up the saved script's
Really great video about this really great open source solution. I installed the server on a small cloud server with 1 vcore and 512 MB ram, so I don‘t have to use nginx proxy manager and so there is no need to open a port. In addition to your video it is possible to connect to an internal client without the rport-client installed on it if you establish a farwording tunnel with a client to an other ip address. Fantastic stuft! The only thing I didn‘t get running is using selfhosting vaultwarden (with certificates created with openssl for https) through rport - connection through a not ending tunnel not possible with the vaultwarden client. I have a cgnat internet connection (Deutsche Glasfaser) and I would like to use vaultwarden.
It sounds like you are doing some amazing things with RPort already. I'm not sure how you might do that with VaultWarden though. I think something like Wireguard might be a better option in that case, especially from mobile.
Great video! Very detailed :) but in my case my ISP use NAT to our public IP's so i don't have a static ip to point, what can I do? Any suggestions?
You have a few options. If you have a public IP that changes regularely, then you might want to setup a DuckDNS account ( have a video on that too at ruclips.net/video/Dm5MyuUdq2s/видео.html ), and this will give you a URL that then updates to your new public IP.
You could also setup an overlay network using something like ZeroTier or TailScale, and use that to access the device by hostname on the network, but it would require all devices to be on that same overlay network (essentially creating a LAN over the Internet). This is the ideal way if you are behind a double-NAT.
If you have a public IP that changes only when your modem loses power, you could just set the A record for your domain, and when the IP changes, go update the A Record accordingly.
Other option is something that uses a reverse tunnel , something like teleport
Go daddy have api and tokens with a simple script checks your ip if different updates go daddy mine runs on a Linux machine works 100% and yes my ip changes with bt cronjobs every 30s never failed me
Unfortunately, RPort is no longer open source. The install-on-premises website says: RPort open-source has been dicontinued 2023-09-20. The RPort installer and the server executable will require a valid license... 😠
Sadly, they were purchased by RealVNC, and the RealVNC folks pretty much immediately closed sourced it.
Your ip is visible in the video I think. Maybe edit the video 🙃. Good tutorial btw!
Yeah, but no worries, it changes occasionally, and I can even make it change with a reboot of my ISP modem. But thank you for letting me know, still.
amazing tool, but i can't make it Works, i'm getting this error when i try to connect direct a client through cloudflare to a vps: websocket: bad handshake. anybody had to deal with it?
Is that a cloudflare error? IF so, it may be an issue with TLS. I know someone said, that just after I released this, the next version required a higher level of TLS.
Amazing...!!!!!!
Thank you! Cheers!
Awesome guide - fails after Nginx Proxy setup with 502 Bad Gateway openresty - proxmox - LXC - Nginx Proxy as in your video - any ideas on how to fix?
After this video, RPort released an update reuqiring TLS v1.2 or 1.3, and you need to set that in the proxy on the custom locations page I believe. Someone else posted about it in one of the comments. You might give that a shot.
Hmmm, for some reason the Rport server bash script says it's running but it's not accessible at all, the UI doesn't load, I use Traefik as a proxy and I figured it could be that I needed to add extra configuration although that was not the case. I temporarily opened all ports on the router and even then nothing loaded. Not sure what could be causing this issue. I fully read through your documentation.
Machine:
ARM64
Running in Oracle Cloud.
Yes, I checked the official documentation, it says the following:
"Clients are available for Linux, Windows, Mac with support of many architectures like ARM and MIPs." - Client Installation (Section)
Any help would be appreciated.
I know that just after this video they made an update that now requires TLS 1.3 for SSL connections, so that had to be specified in NGinX, you may need to do the same in Traefik.
@@AwesomeOpenSource Understood, thank you very much. I will advise once I find the solution and post it here.
Great find there. Maybe useful for MSP's so I'll have to research it further. Too bad there's no docker version though. Also, would be helpful if you added a Windows client as the majority of users will be Windows.
I really do understand the desire to see it on Windows, I just simply don't have a windows system to test on right now. In the middle of a re-org on my virtual servers, and Windows is just a hassle to setup, so haven't done it yet. But, yes, this is definitely aimed as a tool for MSPs. Their pages have some great ways you can use RPort for all kinds of things beyond the little I showed.
windows has its own native solution and is pretty good from window to windows
Good video thanks for introducing this project. I have a question I want to install this service on my intranet is there a way to do this? I have tried to do some configurations but it gives SSL certificate errors. Thanks for attention :)
You should be able to. For SSL, I think RPort moved to ccepting only TLS v1.2 or 1.3, so maybe a certificate level issue.
Now It's Gone. Any alternative recommend? TRMM? I got issue with setup.
MeshCentral is really great.
Does NGINX Proxy Manager run in docker alongside the normal /etc/nginx location and just modify configs to/from /etc/nginx as needed? Or is it intended to be the only NGINX running on the server with all domains hosted within it?
I believe NGinX Proxy Manager is seprate from normal /etc/nginx. You really are using the environment inside the container with NPM. You can run both, though the configuration may get a bit messy as you build out, just depending on how you're running things.
@@AwesomeOpenSource have you heard of teleport that allows secure access to systems, maybe cover an install guide for that, looks interesting
I'm bummed, it looks like they don't yet support Ubuntu Impish Indri. Went through the install script and it died on downloading the rport-guacamole file as there is no version for Impish Indri. Hopefully when they release 0.6.0 that support will be added.
Here is hoping. You could always post on their GitHub site to request it as well.
@@AwesomeOpenSource Took your advise and posted. Received a response almost immediately. Apparently they only support LTS releases. With 22.04 around the corner, they will be supporting it. They also made a suggestion on how to skip past the missing dependency download - guacamole proxy server. I'll give it a try.
Hi, very interesting. I've followed your video but instead of using a proxy, I would like to use the cloudflared tunnels.
Do you by any chance know out to configure them?
The server is already recognized and is up and running but the client's access speacilly in windows isn't connecting to it, says "Can't connect to port 8000".
Any help is much appreciated. Thank you
I'm not familiar with how the cloudflare tunnels are setup or work. I know there are several tutorials out there on how to get them running though. For this, it should work, but I don't know how that would need to be set up.
Hi Brian, do you have to port forward 20000-30000 ports on your router?
Running it inside my network, yes, I had to port forward (in my case I did 20000 - 20050), but yes that's a port that will be randomly used by a client when you want to create a tunnel. The way I understand it to work is that you initiate a tunnel creation request to the client, then the client actually creates a tunnel back to the server and uses one of those ports.
@@AwesomeOpenSource Thank you
I've used your tutorial to install Rport and everything worked good for a moment then I realized that when i type in my vaultwarden url it goes to the rport site. I know its something with the port forwarding rules in pfsense. Do you have any advice on how to setup port forwarding in pfsense for this? I can only get one or the other working (vaultwarden or Rport).
I think you jumped over to the rocketchat server, and we tried to help, yes?
@@AwesomeOpenSource yes, I did.
My SecOps team shutdown mRemoteNG. They say it passes around passwords in clear text. I haven't confirmed myself.
Interesting.
Did you test external servers after going throught CF's proxy?
I setup many external servers with my RPort install at the time. Everything worked with no issues for me, but don't recall if I was using CloudFlare for that proxy or not. I don't use it for a lot of my personal stuff. Are you having issues with it?
how you add the differnet groups, I need to Create a Different Groups like Servers, Desktops, VMs how you do that please guide me
In the Settings area, you'll see on the left hand side a place for client groups, and you can add new ones there, then assign your clients to that group as well.
As per your instructions I have installed the rport server... But when I trt to login server unable to connect or unreachable... I didn't change domain name and didn't use proxy.
I helped someone earlier, so if you used the default entry for the domain, that's hwere rport expects to be connected at, so set it to a local domain if you haven't already). If you are running it on the same machine you are trying to access it from, you'll login at localhost:5000, otherwise you'll have to figure out the IP and try that.
Another really good video. I will admit I skipped bits so may have missed part that's answers my question... Is the right click to paste support on a SSH connection via rport?
I imagine it depends on what application you choose to use for the actual session. With Remmina, I'm sure paste functions work well in Linux (or in a terminal, etc), but not sure from the Chrome SSH Shell extension I mentioned for Windows, as I don't have a Windows machine to test with.
@@AwesomeOpenSource should create tunnel like you do at 22:45 to ssh my server?
Great video. Is this not the same as MobaXterm?
Looks like they do similar things.
hi man, really thankful for your tutorial, I do not have any proxy setup which confused me how I do it. I've a cheap RackNead VPS and I want to set up rport. but failed. even though everything went normally, but when I try to access the admin page through the domain name which I've setup, its just cant access.
On the domain name, do you have the A record pointed to the public IP of your server? Also, make sure you are trying to access it via SSL (HTTPS).
Have you attempted to install RPort in Docker? I haven't been able to locate a docker container for this.
I haven't. Saw a few posts about others building their own, but it needs some static variables set before you build it as I recall... so a bit of a pain, unless they've made it easier recently.
@@AwesomeOpenSource Thank you for the reply. I will keep investigating.
Sadly this is no longer open source.
Yes, and it's a crying shame.
Make a video about how to make a backup and transfer clients from one server to another.
Let me see what I can do down the road.
I have raised and set up rport server in my local network.
Can I just download client, install it offline (with no Internet access, just intranet ) on any of my servers and get RDP access to it from any other machine in my network?
You should be able to, yes. You may need to read through their documentation on how to set that up properly.
What do you use to control your Android TV? I use currently Atjeews+WebFolder. It generally works well, but I always look in new tools, and I am sure you know them.
I don't have an Android TV.
@@AwesomeOpenSource I didn't watch TV too until I got kids.
Can you suggest me a Tool like this for Mobile Device Management (MDM) and for Windows (Active directory Users) auditing like ManageEngine ADAudit Plus?
I'll look around, seen a few, but none that are really going to be easy to setup that are open source so far.
@@AwesomeOpenSource sure no problem, I have seen some too, but at the end they are lacking or asking for subscription. I will wait for your response, Thank you ☺
Can you share with us how you setup the port forwarding on your firewall?
Depends on your setup, are you using any reverse proxy?
I used a reverse proxy for the web UI, and then forwarded ports 8000 and 20000 - 20050 on my firewall to the IP of the host machine. If you're not using a reverse proxy, you'll also have to forward port 5000 to your host machine.
Thank you for your amazing tutorial, I got one problem i hope you can help me to fix it. When i tried to add a tunnel via VNC a message pup-out (Port 5900 is not in listening state.).
using Ubuntu server 20.04
Can you give a bit more detail of your setup? Same network, remote network, what ports are forwarded on the router, etc?
Hi
when i use nginx proxy manager i only get "Welcome to OpenResty!". do you know why???????
I don't. I'd need more detail on your setup. If you want to jump to discuss.opensourceisawesome.com and ask in the Help-Me-Please channel, I'm sure we can help you out.
Anyone getting 502 Bad Gateway with Nginx Proxy Manager? Here is the fix that worked for me
Navigate to "cd /etc/rport" and then nano into rportd.conf. Go down to Cert File and Key File and remove the paths for the entry. Reboot the server. This will put the server into http mode. log into nginx reverse proxy manager and select HTTP instead of HTTPS and use HSTS. Should fix your issue
Awesome Tip! Thank you for that!
yes!!!! been looking for this fix thank you!
I see Tabby!
Indeed. I use Tabby for things still today.
Hi,
i installed rport on linux machine
if i try to open the url getting error as site cant be reached
what are the things i need to do further
With so little information, it's hard to know, but if you'll go to discuss.opensourceisawesome.com and message in the general channel, I'll see if I can help you.
I wrote my query in that portal please guide me
Great video ( another one :-D ). upon setting up everything can't get it to work behind CF. exposing the public ip gets everything going but as soon as i proxy it its a no go. Any special step on this?
Look further down in the comments, as someone else experienced this and gave a potential solution. RPort changed some of their stuff a month or so after this video was made, which made this issue come up. I am doing an update video in a few weeks, and I'll try to cover how to deal with this as well.
Hi I loved your video a lot,
I Just followed your setups and I can connect the remote system using SSH But , unfortunately VNC is not working for any remote system, I am using Ubuntu server and client both side. Gettting error "Failed to connect server". Not user if browser security is not letting me connect. Failed when connecting: Connection closed (code: 1006) Please sugeest
Do you have VNC server setup on the client machine? You need to have it setup and enabled on the client before you can connect.
IP Chicken is the best
It is super simple, and does exactly what you need.
How to start a vnc server on ubuntu machine it says 5900 port not listening as no vnc server is running on host machine
If it's a Ubuntu Desktop, then open the System Settings, and find the Sharing section. Enable Sharing, and enable VNC / Remote Connections, and enter a password.
@@AwesomeOpenSource i have a vps with terminal access only i cant access desktop for that i want to enable vnc so that i can use desktop i can use termial any wiki link how to enable vnc through terminal ?
Any alternative to this now that this has become unusable?
MeshCentral is a powerful alternative.
So how do you add a Windows client? Its not like I can run those UNIX commands on it to install it. :)
They give you a bash script to add linux / unix / mac clients, and a powershell script for the Windows clients. When you create the client access it will show you both scripts, just highlight and run the powershell one on Windows machines.
great just need to address an open source print tracking software
Are you trying to track when someone prints a document?
yes tracking and everything printed

can i do ssh to my machine inside rport without tunneling?
Well, RPort creates the tunnel for you, so not sure what you mean?
Hi If anyone else is getting 502 error using NGNIX , this would be the reason why as per RPORT
We discontinued the support of weak TLS. Make sure nginx uses TLS 1.3 to connect to the rport sever or switch of encryption if nginx and rport are running on the same host.
Does anyone know how to configure Ngnix Proxy manager to use TLS 1.3 ?
I think you can add this on the Custom locations tab:
location / {
proxy_ssl_protocols TLSv1.2 TLSv1.3;
}
@@AwesomeOpenSource You mean at the "advanced tab"? Also If I add this part, all I got is a "Welcome to OpenResty!" page and still unable to reach the server from the internet. Local ip/dashboard works, but no luck with remote access. (port forward/reverse proxy etc configured so my only assumption is this TLS 1.3 issue...)
@@MakaiTechReviews got the same issue :( have you found a soloution?
@@hjaltioj nah, could not figure it out.
@@AwesomeOpenSource adding these parameters changes the staus to "offline"
hello sir, is it possible to access using ssh without password (password entered one time)
I'd say it's better to setup you ssh rsa key, and use that instead of passwords, and then the session just starts over the tunnel when initiated.
Seems like the project is no longer open source and we have to pay to continue using it;
The back end api is the open source part. The web hi is not open source.
how can i uninstall the RPort agent ?
They have an uninstall command on the site I linked. You can find the information here kb.rport.io/digging-deeper/advanced-client-management/uninstall-the-rport-client. Hope it helps.
@@AwesomeOpenSource Thank you for the response and the great work you do
Is this based on meshcentral?
Not as far as I know. RPort is it's own thing.
@@AwesomeOpenSource I think this is written in Go, funny how similar they are.
I think they got bought out by RealVNC not long ago, not sure the open source part is still around.
looks like no new support, i.e. realvnc acquires rport...
Sadly, they also apparently took RPort closed source after the purchase. Shame.
They have closed-source and made it commercial. Nothing to see here, move along 😞
Sadly they have. Luckily we still have Remotely, Rustdesk, MeshCentral, Guacamole, and several others.
I have been a Guacamole user since before the Apache Incubator, it is awesome. I just started testing Rustdesk... it totally stumped me at first since there is no web-ui initially. But I am looking at integrating it with TacticalRMM. Great videos, thanks.@@AwesomeOpenSource
@@AwesomeOpenSource I love your vids. could you please look @ tacticalrmm
How is this different from Tactical RMM
Oh, seen it. Tactical is a full on RMM, but this one is more an advanced guacamole, minus the clientles/agentless setup. Am still not sure how well it compares to Meschentral, but i would guess meshcentral has alot more functions, but this has way better ui.
Tactical RMM seemed good if you only have windows clients, but they are lacking in Linux / Mac support from what I've seen recently look at it. MeshCentral is terrific if you want desktop access without having to use a 3rd party app on the server side. I use it still today because it's just a really easy way to get access.
What RPort offers me is a really nice view of the machines / devices and their stats (Memory, CPU, Disk usage, Network stats), and it can create a tunnel to connect through as needed, which is really nice. The inventory view of all of this data is super nice as well, so for me MeshCentral is about getting connected easily, and RPort is about RMM machine stats.
RIP
Sadly, yes.
S
orry, in my opinion, too much talk before entering in the matter
I'm definitely a wordy guy, but I hope you get something from the meat of the content at least. I do definitely provide long-form content. If you're looking for shorter form channels I'd suggest @TechnoTim, and maybe @DBTech for more condensed content.
I installed the client and I get the following error:
Detected Linux Distribution: Ubuntu 20.04.4 LTS
* Trying 104.21.64.160:8000...
* TCP_NODELAY set
* Trying 2606:4700:3034::ac43:9882:8000...
* TCP_NODELAY set
* Immediate connect fail for 2606:4700:3034::ac43:9882: Network is unreachable
I guess I have to open up port 8000 to the RPORT server?
Yes, and sorry for the late reply, but you need to allow port 8000 to the host, as well as your port range.
Hello
Is it possible to use rport only in local LAN?
I'm getting an error during the Debian 11 installation phase.
[-] Your public IP address xx.xx.x..
[*] System uses NAT
[!] Random FQDNs are only generated for systems with a public IP address.
[>] If this system is behind a one-to-one NAT (Azure, AWS EC2, Scaleway, GPE) use '--skip-nat'
[>] If your are behind a NAT with a dynamic IP address provide a FQDN with '--fqdn'
[!] NAT detected
[=] Fatal Exit. Don't give up. Good luck with the next try.
I feel like I was able to access it via IP only. Not sure about it running as a local only. But if you setup your local domain it should work I believe.
@@AwesomeOpenSource Thank you. I failed in the installation, I gave up using it.
Nice Video, Just about when the install is finishing I get the following error
[-] Configuration file /etc/rport/rportd.conf written.
touch: cannot touch '/var/lib/rport/user-auth.db': No such file or directory
We are very sorry. Something went wrong.
Command 'touch "$DB_FILE"' exited erroneous on line 1129.
Try executing this installer or update with bash debug mode.
bash -x rportd-installer.sh
Sounds like there may be a permission issue on the folder you are installing into.