Is it possible to do RDP

Hi All,

I have the following setup in my home.

1) ISP provides a small device called ONU I believe
2) ONU LAN to Orbi Internet Port
3) And I connect to internet via PPPoE from Orbi router

Now I set up a port forward in my Orbi router to my PC's local IP. When I try to connect to this machine via the public IP from a remote device, it is not working.

Also

I do see two different IP

1) WhatIsMyIP in google shows a different address
2) In router page (connection status) it is showing different address

Is it possible to do RDP on my device having dynamic IP?

Comments

  • edited January 2022

    @imgmoney said: I do see two different IP

    Perhaps your ISP is using another layer of NAT between you and the outside. If that is the case then you will be unable to accept any incoming connections directly (your ISP won't let you set port forwarding rules on their routers) but you could do it by opening a reverse tunnel or using a VPN that your home machine calls out to.

    For the reverse tunnel option to a VPS of your own, or a SSH account elsewhere, do something like:

     ssh -R <vps-ip>:3389:localhost:3389 <user>@yourvps.name.or.ip
    

    Now you can connect to yourvps.name.or.ip using RDC and the connection should be forwarded back along the SSH tunnel to your home machine. The machine you are connecting from doesn't care what your home address is, as it connects to the VPS, so it doesn't matter how dynamic that address is or how many layers of NAT exist between it and the rest of the Internet. Note that for this to work you need GatewayPorts enabled in your sshd_config on the server.

    If you need to connect to more than one machine this way, you can add an extra tunnel directive:

     ssh -R <vps-ip>:3389:localhost:3389 -R <vps-ip>:3390:<other-machines-address>:3389 <user>@yourvps.name.or.ip
    

    Then you can use RDC to connect to the second machine by connecting to yourvps.name.or.ip:3390.

    Once you confirm that this works, use something like autossh to make sure the tunnel is remade if it breaks (due to connection drop or other issue).

    For the VPN option: there are a number of products out there that would allow you to do the same thing, if you trust them to have their client installed on your home machine and your remote one. Or you could set up your own OpenVPN or wireguard arrangement in a VPN if you are comfortable doing that.

    Thanked by 1imgmoney
  • I believe Yes, my provider is doing another layer of NAT. I don't have access to their router as well.

    I am a little bit confused on the above method. Let us consider I have these

    1) Ubuntu VPS
    2) Windows 11 Desktop which I need to RDP

    My understanding

    1) Windows 11 Desktop will run some services which will connect to the VPS (VPN)
    2) My VPS also will run some kind of services to forward my RDP connection to my Desktop as both are connected via some client

    If my understanding is correct, can you tell me the easiest way or tutorial which I can use to perform 1 and 2

    Thanks

  • deltatux Member
    edited January 2022

    Another method you can try is to set up a Wireguard VPN server on your VPS, connect your Windows 11 desktop to the Wireguard VPN, set a KeepAlive to make sure that it stays connected to the VPN tunnel and then expose RDP to the VPN tunnel. This will ensure that only those with VPN access can RDP into your machine.

    There's a bit more setup than doing an SSH reverse tunnel but personally I think it's a better way to provide RDP without exposing it over the public Internet.

  • Want something simple? Give tailscale a try.

    Thanked by 1mhn
  • edited January 2022

    @imgmoney said: 1) Windows 11 Desktop will run some services which will connect to the VPS (VPN)

    Yes, either a VPN client, or a SSH client. As you are running Windows 11 you may have SSH installed already or can install it a la https://docs.microsoft.com/en-us/windows-server/administration/openssh/openssh_install_firstuse

    2) My VPS also will run some kind of services to forward my RDP connection to my Desktop as both are connected via some client

    Yes, either the OpenSSH server (which it most likely does already so you can SSH into it for admin) or the VPN server you chose. If you trust a 3rd party VPN provider, you can skip this part and not need to do anything on your own server.

    (you may need a point 3...)

    For the VPN option you need the VPN client installed on your remote machine also. As deltatux points out this is more secure than SSH tunnelling as your RDP port is only open to other machines on the same VPN (though if you have strong passwords for all accounts and keep Windows patched up-to-date RDP is not overly dangerous to present to the world).

    @imgmoney said: If my understanding is correct, can you tell me the easiest way or tutorial which I can use to perform 1 and 2

    For the SSH option: what I already said above. If that is not clear search for things like “ssh tunnel tutorial”.
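Whether a reverse tunnel leaves RDP reachable from the whole Internet depends on the address the VPS ends up listening on. The following is an added example, not part of the original posts: it reads `ss -ltnH` output on the VPS and reports, for the tunnelled ports, whether each listener is loopback-only or exposed. The function names and the sample lines are constructed, and 203.0.113.10 stands in for `<vps-ip>`.

```shell
#!/bin/sh
# Added example: audit which addresses the VPS listens on for tunnelled RDP ports.

# Constructed sample of `ss -ltnH` output on the VPS (203.0.113.10 stands in
# for <vps-ip>): one forward bound to the public address, one to loopback.
sample_ss() {
    cat <<'EOF'
LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
LISTEN 0      128     203.0.113.10:3389       0.0.0.0:*
LISTEN 0      128        127.0.0.1:3390       0.0.0.0:*
EOF
}

# tunnel_exposure "PORT PORT ..." < ss-output
# Prints "port address scope" for each listed port that has a listener.
tunnel_exposure() {
    awk -v ports="$1" '
    BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) want[p[i]] = 1 }
    $1 == "LISTEN" {
        port = $4; sub(/.*:/, "", port)        # text after the last colon
        addr = $4; sub(/:[^:]*$/, "", addr)    # text before the last colon
        if (!(port in want)) next
        scope = (addr ~ /^127\./ || addr == "[::1]") ? "loopback" : "exposed"
        print port, addr, scope
    }'
}

# has_public_tunnel "PORTS" < ss-output -> status 0 if any port is exposed.
has_public_tunnel() {
    tunnel_exposure "$1" | grep -q ' exposed$'
}

sample_ss | tunnel_exposure "3389 3390"
# On a live VPS: ss -ltnH | tunnel_exposure "3389 3390"
```

With sshd's default of `GatewayPorts no`, remote forwards bind to loopback on the server, and such a listener can still be reached from the remote PC through a local forward (`ssh -L`) instead of a public port.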

  • djn Member

    +1 tailscale, it's a zero-config VPN and saves RDP being on a public IP
    https://tailscale.com/

  • I just use Google Chrome Remote Desktop. No need to mess around with port forwarding.

  • Maounique Host Rep, Veteran
    edited January 2022

    @wii747 said: I just use Google Chrome Remote Desktop. No need to mess around with port forwarding.

    Same, but you need to trust google. Any kind of thing like that, such as gotomypc, TV or even opensource ones involves some degree of trust.
    A SSH or wireguard option will dramatically limit the risks to, basically, the snooping on your VPS by your provider, some hacker or regime given that you secure WG reasonably well.
    They would still need to know windows user and password but I trust there are ways for that.

  • Buy windscribe VPN. It allows you to book an IP and open a port on your local PC.