[CS-FSLUG] A couple things - VNC through router
Frank Bax
fbax at sympatico.ca
Thu Mar 19 19:36:07 CDT 2009
Chad Fluegge wrote:
> Also, I have question regarding VNC... The first thing that happens in
> our shop when someone wants something burnt, is they send the file to
> our email address. Then we download the file to our computer. Then using
> various applications - Solidworks, alibre, cuttingshop, Ncell, iRemote,
> iReport - we prep the file to be burnt and then send it off to the laser
> to be burnt. All our computers are behind a Router/Firewall. Is using
> VNC a feasible way to do all this work remotely? The reason I ask is
> because some of the programs are somewhat graphics intensive at times,
> depending on how intricate the part is. If it is a feasible way, how do
> I set it up? I have used VNC before, but only in a local setting - eg
> from one local computer to another. Do I have to setup port forwarding
> in the router in order to set this up?
In this situation, VNC is better than remote desktop (rdp); because rdp
will send every video change to remote system; whereas vnc only sends
periodic changes. Although you can setup port-forwarding on your router
to handle vnc, this will not be a secure connection; and the traffic can
be monitored. A better solution is to use an encrypted tunnel and then
run vnc over it. ssh can be used for the tunnel; in which case you only
forward port 22 to a Linux machine and do authentication there. Once
the tunnel is established, then start vnc. If you use TightVNC, this is
probably the most asked scenario on the mailing, so read the archives.
When it comes time to make remote connection; a Linux machine (like
yours at home) can make the connection to remote system with a one-line
command. This is because vncviewer on Linux supports a -via option
which will setup/use an ssh tunnel. If the remote system in WinXP; then
you must use something like PuTTY to setup the tunnel (doable, but
tricky to setup and to use); then run vncviewer over the tunnel.
I have sites where we installed routers that support OpenWRT; in this
case the router can be the target of tunnel (so you don't need to
forward port 22 to another Linux box).
Finally; if the office is on a dynamic ip address, you'll need a service
like dyndns.org to monitor the changes in ip address; so you'll know
where to target your vnc connection.
Frank
More information about the Christiansource
mailing list