Introduction
The PMC Endpoint Manager is designed to manage NComputing devices across both local-area networks (LAN) and wide-area networks (WAN), including devices located behind firewalls and NAT routers. With capabilities like automatic discovery, check-in, remote firmware updates, provisioning, and flexible configuration, PMC ensures centralized and streamlined endpoint management—all accessible from a web browser.
This article shows a real-life example of how PMC can manage devices from both local and remote (WAN) networks, even when those devices are behind NAT routers and firewalls. The goal is to help you visualize how everything works together with as little complexity as possible.
Example Deployment Topology
In an example scenario below, PMC is deployed in a company's data center with both internal and external devices communicating through configured NAT routers. We will reference how PMC manages devices between internal and external networks.
Company Network Setup
Let’s imagine this company has a data center where PMC is installed. This is your central hub for managing all NComputing devices.

Here are some basic details if this proposed scenario:
PMC Internal Configuration
- PMC’s Internal IP address: 10.220.25.11
- PMC uses TCP Port: 443 (default secure HTTPS port)
- Public IP (Company’s Data Center Router): 55.124.17.81
- Public FQDN: some.external.fqdn
(DNS translates this to 55.124.17.81:11443)
In this theoretical scenario, the firewall is configured to forward (translate) incoming TCP traffic entering though the external Public IP (55.124.17.81) on port 11443 and route it to PMC’s internal IP (10.220.25.11) on port 443. This allows external devices to securely connect to PMC through the Internet. We will cover that next...
Remote Site Example
Let’s propose that in this example scenario, that there are remote offices, each with NComputing devices behind a typical office router (which uses NAT). Here’s what that setup looks like:
Remote Site | Internal Subnet | Public IP (seen by PMC) |
Site 1 | 172.16.18.0/24 | 13.8.3.21 |
Site 2 | 192.168.12.0/24 | 212.77.27.82 |
Site 3 | 10.0.5.0/24 | 72.163.4.17 |
The flexibility to utilize diverse formats for Connection Address enables external devices to connect to PMC with convenience. The supported formats are:
- 55.124.17.81:11443
- some.external.fqdn:11443
- https://55.124.17.81:11443
- https://some.external.fqdn:11443
Each format functions identically, allowing users to select the most suitable option for their specific setup or for ease of recall.
Internal LAN Devices
Devices within the internal subnet (e.g., 10.100.45.0/24) can access PMC directly, without NAT translation. Supported formats for Connection Addresses used to reach PMC are shown below:
- 10.220.25.11
- 10.220.25.11:443
- https://10.220.25.11
- https://pmc.company.local
(Assuming internal DNS resolves this FQDN to the correct internal IP.)
Access Restriction with IP Rules (PMC v4.1.1+)
PMC v4.1.1 introduced IP access restrictions for tighter security and control over which devices and users can access the system.
To use it:
Go to Administration > System Settings in PMC.
Enable IP access restrictions.
Here are some examples of IP rules you might configure:
Location | Rule (CIDR Format) |
Remote Site 1 | 13.8.3.21/32 |
Remote Site 2 | 212.77.27.82/32 |
Remote Site 3 | 72.163.4.17/32 |
Internal Office | 10.100.45.0/24 |
You can also restrict users from accessing PMC from outside these trusted locations by setting group-based IP access rules under Administration > User Management.
User Access Restrictions
User group access can also be limited to specific locations by defining IP rules under:
Administration > User Management → Select User Group → Define IP Access Rules.
Conclusion
This deployment example demonstrates the flexibility of PMC in managing NComputing devices across geographically distributed networks, including NAT-configured environments. Whether devices are local or remote, PMC ensures reliable, secure, and centralized endpoint management.
If you need assistance with configuration or troubleshooting, please contact NComputing Technical Support.
Article Number: 849
Last Revised: 04/2025