Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]
VPN-less Remote Control via VNC
Article Index
VPN-less Remote Control via VNC
Part 2
Part 3
Page 4
All Pages

By Bryan Keadle ( This e-mail address is being protected from spambots. You need JavaScript enabled to view it )
2/12/2005

Using the VNC Repeater:
The VNC Repeater enables you to open up a single port on your firewall to the VNC Repeater machine (kind of a "gateway" or "proxy"), and use the VNC Viewer to remote control any local machines running the WinVNC Server. To follow are the instructions for this setup.

Download UltraVNC: http://uvnc.com
This "distribution" of the Open Source VNC project includes additional features including other compression algorithms for speed and flexibility, file transfer, chat, and MS Logon authentication, to name a few.

Install the VNC Server on a machine to be remote controlled
(WinVNC Server machine):

Select the necessary properties of WinVNC repeater


Setup VNC Repeater machine:


Install UltraVNC on your VNC Repeater machine. In the properties of the server icon in the system tray, be sure to check on the Allow Loopback Connections option (see above graphic).

In the directory where you installed UltraVNC, you will find vnc_repeater.exe.

On your VNC Repeater machine, start the repeater program by running at a command
prompt: "(path)\vnc_repeater.exe" 5901

Configure public router:
On your router, forward port 5901 to your VNC Repeater machine

 

ON REMOTE MACHINE:

VNCViewer

Now run VNCViewer.exe:

Enter the local IP address (or DNS name) of the machine you want to control

Check on the Proxy Repeater check box, and enter the public address assigned to your VNC
Repeater (or router from which you are forwarding port 5901)

Press the Options... button to specify your connection options. I've found the best remote control
settings to be checking on the Use 8-bit color and specify Hextile encoding method.


VNC through SSH

SSH Server
You will need to provide an SSH Server. This can be a Linux machine, or a Windows machine running OpenSSH (http://sshwindows.sourceforge.net/). Configure your router to forward port 22 (SSH) to your "SSH Server".

SSH Client
Copy (or otherwise provide) vncviewer.exe and an SSH client (Putty.exe - http://www.chiark.greenend.org.uk/%7Esgtatham/putty/ ) to the client to be used to
remote control your WinVNC Server machine.

Configure PuTTY:

Setup a session to forward port 5900 to the machine you want to remote control (using it's local address (or DNS name), in this case:172.16.0.101).
Your SSH Server machine will need to be able to resolve this address/name.



Enter the host name and port (22). You can pass the username by preceding the host name with Username@ as indicated in the above graphic.
Enter a name in the Saved Sessions edit box, then press the Save button.


Select the OPEN button to connect to your SSH Server. You will need to authenticate to the SSH server to establish the SSH tunnel.

With this SSH tunnel established, you will now use VNCViewer to connect to the machine you configured PuTTY for (172.16.0.101)
In the VNC Server: edit box, enter localhost (127.0.0.1).
You will want to select the Options button and select your Format and Encoding settings as described in the graphic.
When you press the Connect button, it will route 5900 local port through the SSH tunnel to the 172.16.0.101 address (according to the PuTTY configuration).

Likewise you could configure Windows XP Remote Desktop (Terminal Services) through SSH in the same manner. To include Remote Desktop, add an SSH tunnel like this:

This configuration would give you both VNC and Remote Desktop (Terminal Services) access to 172.16.0.101 through the SSH tunnel.
Note, the Source port is defined as 127.0.0.2:3389.
This is a bit "different". When you open MSTSC.EXE (the Terminal Services client), you would enter 127.0.0.2 as the connection:
This will connect you to the Terminal Services server of the host machine through an SSH tunnel.


VNC Repeater and SSH Tunnel
Now, let's combine the VNC Repeater and the SSH Tunnel so that we are able to use the VNC Repeater through a secure SSH Tunnel.
Simply change / add the following
SSH tunnel parameters:

NOTE: the source port is 5900, and the destination port is 5901

In the VNC Viewer, connect using these settings:

NOTE: the Proxy/Repeater setting is localhost