starred/docker-ipsec-vpn-server

Fork 0

mirror of https://github.com/hwdsl2/docker-ipsec-vpn-server.git synced 2026-04-26 01:55:53 +03:00

[GH-ISSUE #416] Question - macOS Sonoma High Performance Screen Sharing #389

New issue

Closed

opened 2026-03-02 08:01:48 +03:00 by kerem · 2 comments

kerem commented

2026-03-02 08:01:48 +03:00

Owner

Originally created by @squishycat92 on GitHub (Feb 2, 2024).
Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/416

Hello! I was experimenting with the new High Performance screen sharing mode that Apple recently introduced to macOS Sonoma, which is supposed to (and, at least on LAN connections) reduces latency and increases quality by using the media engine in Apple Silicon Macs to accelerate screen sharing encode and decode.

According to Apple's documentation, this feature requires UDP ports 9000, 9001, and 9002 to be open, which I assume is available through the IKEv2 connection, since the connection succeeds and is able to authenticate to the remote Mac. However, as shown in the attachment below, no picture is displayed - there is only a mouse cursor. Clicks and mouse movements are still translated to the remote machine, but no picture is displayed.

I did quite a bit of research on this issue, and it seems that this issue is not due to a slow connection, since VM network bridges still result in the same issue. Indeed, it appears that this issue is quite widespread, and perhaps due to Apple's implementation of how High Performance Mode might only support local connections: [1], [2].

It is worth noting that someone suggested (but did not test themselves) High Performance mode via Tailscale. I have no clue if this works, and did not try, because Tailscale uses a different approach than a standard IKEv2 VPN like this container. Someone else on StackExchange said that WireGuard is able to perform High Performance, so perhaps it is possible (since Tailscale is based on WireGuard).

Originally created by @squishycat92 on GitHub (Feb 2, 2024). Original GitHub issue: https://github.com/hwdsl2/docker-ipsec-vpn-server/issues/416 Hello! I was experimenting with the new High Performance screen sharing mode that Apple recently introduced to macOS Sonoma, which is supposed to (and, at least on LAN connections) reduces latency and increases quality by using the media engine in Apple Silicon Macs to accelerate screen sharing encode and decode. According to Apple's [documentation](https://support.apple.com/guide/remote-desktop/use-high-performance-screen-sharing-apdf8e09f5a9/mac), this feature requires UDP ports 9000, 9001, and 9002 to be open, which I assume is available through the IKEv2 connection, since the connection succeeds and is able to authenticate to the remote Mac. However, as shown in the attachment below, no picture is displayed - there is only a mouse cursor. Clicks and mouse movements are still translated to the remote machine, but no picture is displayed. I did quite a bit of research on this issue, and it seems that this issue is not due to a slow connection, since VM network bridges still result in the same issue. Indeed, it appears that this issue is quite widespread, and perhaps due to Apple's implementation of how High Performance Mode might only support local connections: [[1]](https://www.reddit.com/r/MacOS/comments/16tbkzj/high_performance_screen_sharing_between_apple/), [[2]](https://apple.stackexchange.com/questions/462622/high-performance-screen-sharing-on-macos-sonoma). It is worth noting that someone [suggested](https://www.reddit.com/r/MacOSBeta/comments/142nqhj/completely_redesigned_screen_sharing_app_in_macos/) (but did not test themselves) High Performance mode via Tailscale. I have no clue if this works, and did not try, because Tailscale uses a different approach than a standard IKEv2 VPN like this container. Someone else on StackExchange said that WireGuard is able to perform High Performance, so perhaps it is possible (since Tailscale is based on WireGuard). <img width="1838" alt="image" src="https://github.com/hwdsl2/docker-ipsec-vpn-server/assets/62223616/f3114dd2-395c-458e-8d09-d636572f9539">

kerem closed this issue

2026-03-02 08:01:49 +03:00

kerem commented

2026-03-02 08:01:49 +03:00

Author

Owner

@hwdsl2 commented on GitHub (Feb 2, 2024):

@squishycat92 Hello! Thank you for describing your use case. AFAIK, if you use Docker for Mac with the Docker image in this project, note that Docker usually creates a separate network for the containers, therefore it may be difficult to access UDP ports on the Docker host (your Mac) while connected to the VPN server (which is running inside a container).

For this use case, perhaps you can try alternative solutions, such as the direct WireGuard tunnel or Tailscale, as you mentioned.

@hwdsl2 commented on GitHub (Feb 2, 2024): @squishycat92 Hello! Thank you for describing your use case. AFAIK, if you use Docker for Mac with the Docker image in this project, note that Docker usually creates a separate network for the containers, therefore it may be difficult to access UDP ports on the Docker host (your Mac) while connected to the VPN server (which is running inside a container). For this use case, perhaps you can try alternative solutions, such as the direct WireGuard tunnel or Tailscale, as you mentioned.

kerem commented

2026-03-02 08:01:49 +03:00

Author

Owner

@squishycat92 commented on GitHub (Feb 2, 2024):

Hmmm okay, thank you very much! I will try Tailscale and see how it works.

@squishycat92 commented on GitHub (Feb 2, 2024): Hmmm okay, thank you very much! I will try Tailscale and see how it works.

No labels

bug

pull-request

question

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/docker-ipsec-vpn-server#389

No description provided.

Rows
Columns