Installing MeshCentral on Windows

The first prerequisite is to ensure NodeJS is installed on the system. We will install the node version manager, activate it, then install the LTS version of NodeJS. Go to https://nodejs.org/en/download/ and download the installer approriate for your version of Windows then run through the installation wizard.

Once the installation is complete, you can verify the versions of NodeJS and NPM just installed with by opening a command prompt or Powewrshell window and entering the following commands:

node -v
npm -v

On Windows, the built-in firewall will need to be configured to allow TCP ports 80, 443 and 4433 and sometimes UDP port 16990. The MeshCentral Windows Installer will add incoming rules for these ports automatically. If using the advanced NPM installation or when changing the default ports, it may be needed to add or edit these firewall rules. In this section we look at how to do this. To get started, we need to go in the control panel, click “System and Security” then “Windows Defender Firewall” and “Advanced Settings” on the left side then click on “Inbound rules”. This will get us on the right place to add or edit firewall rules

If the MeshCentral Windows Installer was used, the “MeshCentral Server TCP ports” and optionally “MeshCentral Server UDP ports” rules should already be present.

To add a new firewall rule, click on the “New Rule…” then select “Port” and ok. TCP or UDP and enter the specific local ports needed and ok. Then click ok twice, enter the rule name and ok again.

Typically, inbound TCP ports 80, 443 and 4433 are used, but the rule can be added with different ports as needed.

We are finally ready to install MeshCentral! We use NPM to install the latest version of MeshCentral with the command below (in either Command Prompt or Pwershell, whichever is your preference):

mkdir meshcentral
cd meshcentral
npm install meshcentral

After the installation completes we can manually run MeshCentral for the first time:

node ./node_modules/meshcentral

At this point, you should see MeshCentral create its' certificates and start running. Running manually like this it is using the default configuration, and is in LAN only mode. You can open a web browser and either enter the name or IP address of the server in the address bar (or https://localhost if you are able to test from the server itself) and see the MeshCentral login page. Running without any options, MeshCentral defaults to LAN only mode, and you will only be able to manage computers inside of your local network. To manage computers over the internet, you need to have a static IP or public DNS record which resolves to the server. This setup is outside the scope of this article, but if you have those pieces in place, you can run MeshCentral with one of t ecommands below to have MeshCentral generate correctly named self-signed certificates and start in WAN mode:

node node_modules/meshcentral --cert hostname.domain.com
  #or:
node node_modules/meshcentral --cert 1.2.3.4

In either case, NOW is the time to go ahead and create a new account. The first account created becomes the server administrator, so yo don't want to delay creating this account. Once you have created this account and logged in with it successfully you can close MeshCentral again using CTRL-C. Next we will set up MeshCentral to run automatically in the background.

To run MeshCentral as a Windows Service, run the same command yo used above and add the “–install” argument. Like this:

node node_modules/meshcentral --cert hostname.domain.com --install

Once MeshCentral is started, you can access it via web browser just as we did earlier. You should now refer to the MeshCentral User's Guide or this wiki's configuration guides for information about on how to further configure and use MeshCentral.