Hi,
How do I setup OpenWRT as a vnc repeater?
Thanks,
Aaron
Typically you wouldn't, but you may want to install a (road-warrior type) VPN on your router, to access the VNC server directly over the encrypted VPN tunnel; e.g. wireguard comes to mind.
2 Likes
I have openvpn installed would that work?
OpenVPN, strongswan (IPsec), wireguard, …, whatever you're comfortable with (respectively already have set up).
2 Likes
What is the difference between a normal vpn and road-warrior?
There are mainly three common types of VPN setups:
-
roadwarrior
your router becomes the VPN 'server', taking VPN connections from the outside (from your notebook, phone, etc. the road-warrior/ traveling salesman scenario needing access to their files at home) -
client
your router becomes the client to a remote VPN; these days popular with commercial VPN services, you dial into their network, to hide behind them. -
site2site
interconnecting two (or more) offices/ office branches, to make them part of one big virtual network over the internet.
It sounds like openvpn is setup as a roadwarroir by default.
Depends on how you set it up, OpenVPN, strongswan or wireguard can be set up for either if these roles (it's just a policy decision of how to set up the routing, firewalling et al). If you already have it that way, great, dial in, start your vnc session, done.
I can access the router with vpn but how do I access ethernet connected devices?
With their IP address.
Let me be a more clearer, I mean with vnc.
Aaah, OK.
With their IP address - at port 5900/tcp.
(Is there some other issue you're experiencing after setup?)
1 Like
I guess that is vnc repeater installed by opkg install vncrepeater? So their addresses would be on port 5900 and openwrt on port 5901? (Sorry, trying to get a mental picture of the setup)
If you have a OpenVPN connection into your lan, you don't need vncrepeater (I really don't see the point of it), just use the VNC client to connect to your VNC server's internal IP, e.g. 192.168.1.987:5900.
2 Likes
I have read on other forums that vnc is not supported hence vnc-repeater.
Then you'll first need to ensure your laptop/desktop supports VNC first. This can be done by installing a VNC server software to the device.
e.g.
- VNCServer https://www.realvnc.com/en/connect/download/vnc/ for Windows; or
- krfb https://apps.kde.org/krfb/ for *nix-like OEes
(Not sure why you keep insisting special software is needed on the router, aside from setting up VPN. Feel free to elaborate/inquire if there's some remaining confusion.)
1 Like
It works for me with just VPN and VNC server+client.
2 Likes
I have never set it up before hence the confusion.
Well, I have always done the following:
port forward(this is similar to a repeater traversing the NAT, that has weak/no security) methods like this are insecure- which I presumeis why @slh suggests inbound VPN
- SSH tunnel (
key-based only, password access disabled)
I've never used desk relay/repeater software to accomplish desktop access in my IT career - so it's odd to me "other forums" suggest it. To each their own.
Thanks! I managed to get it working installing krfb on Ubuntu and accessing via Remina on my Linux Mint laptop. I did not need to mess with openwrt after all. Although, I now need to figure out how access it from over the internet?