Remote Desktop Connection works on LAN; how ensure it works when move target OMV outside of LAN?

markmarz · 23. Juni 2018

I've set up OMV on a NUC with RDC and Plex plugins. Works just fine! But it's on my LAN and I want to send the NUC 2,000 miles away to my brother's house. I know I'll be able to administer Plex (to a limited degree) with the Plex web interface no matter where the NUC resides without any further changes. But I'm sure I'll have to do something to use RDC to administer the NUC remotely. That is the only reason I'm using RDC now by the way, just to test out using it to administer the NUC. Normally I use SSH on my LAN.

I've experimented with Teamviewer but had a rough time since the NUC is headless. Ditto RealVNC. No such problems with RDC plugin.

I'm ignorant about most network stuff, though I'm trying to change that. Hardly know where to start, can get very confusing right quick. One thing I read was if you want to use RDC remotely you should do so through a VPN. Well, I installed OpenVPN on a Raspberry (with PiVPN) just for that purpose and OpenVPN works, but I really don't know next steps or how to use that with RDC once the NUC has moved.

My guess is I'm going to need to know the external and internal IP addresses for the NUC after it's hooked up to my brother's network. I'm sure I can put together a script that will email that information to me at boot time. But then what??? Hah-hah!! I'm really a dummy on this stuff. There's a lot of books I could read and I've certainly been hammering on Google, but I need a little guidance to get on the right road.

Any suggestions would be very much appreciated!

TheLostSwede · 24. Juni 2018

Easy way, set up a VPN server on your router, assuming it supports it. OMV has a plug-in that allows you to set up a OpenVPN server as well, but I haven't tried it. The RPi is way too under powered to run a decent VPN, whereas routers that support VPN server tends to have hardware encryption offloading at a very minimum. You might be able to get a single connection using it, but I doubt it'll do much more and the speed will be very slow. Your NUC has a lot more processing power and would be a better platform to run the OpenVPN server on.

OpenVPN is otherwise quite easy to use. No need to know the external IP address, just the internal one, as the VPN makes your internal network accessible to anyone that connects to it. You need to configure OpenVPN so remote connections have access to your LAN though, as otherwise you can't access devices on the LAN.
OpenVPN has a mobile app that you can download and use 3G/4G to test the connection with, which might make your life a bit easier testing things out.

OpenVPN should allow you to download a configuration file and that file is then used in conjunction with a VPN client on the device you want to connect to the VPN. It doesn't require any messing around, just importing the file should be enough.

This might be a good place to start Setting up openvpn

markmarz · 24. Juni 2018

Thanks for your reply!

So as long as the client has the generated client configuration, then it can connect to my NUC from anywhere? Wow, I had no idea! This brings up more questions but I'll dig around on my own before asking.

TheLostSwede · 27. Juni 2018

Zitat von markmarz

Thanks for your reply!

So as long as the client has the generated client configuration, then it can connect to my NUC from anywhere? Wow, I had no idea! This brings up more questions but I'll dig around on my own before asking.

I'm not running OpenVPN on my OMV machine, but rather on my router, so yes, as long as I have the client file for OpenVPN installed on my phone or PC, I can access my home network from anywhere that I can connect to the internet. Obviously if you're running OpenVPN on your OMV machine, you most likely have to set up some kind of port forwarding to it from your router to allow outside connections to access the OpenVPN server.

Using a VPN is by far the easiest way to access your own network, or to give someone access. The advantage of running the OpenVPN server on your OMV machine, from what I can tell at least, is that you can create user account based access. This would be tied to the OMV user accounts by the looks of the OpenVPN UI in OMV. I've not tried this myself, so I can't say for sure that it works like this.

markmarz · 27. Juni 2018

Since you pointed me in the right direction, I installed the OpenVPN plugin on my NUC and port forwarded 1194 to it and it works beautifully! My test was to create a client .conf file and import it into the OpenVPN app on my android tablet. Then I went to the local library and was able to access my LAN from their network using RDC without a hitch. Love it! BTW my router doesn't support VPN install. But since I only need VPN for this single use case I don't see why I'd want to put all traffic through it anyway.

Ultimately I'm going to ship the NUC across country, but now that I'm using a Dynamic DNS provider in combination with ddclient on the NUC, I'm confident the DDNS will be updated with the new external IP within 5 minutes of booting. My brother will assign a permanent internal IP to the NUC and port forward 1194 to it. Should work, I'm excited to try it out!

As far as user based access, yes I think it works that way. When I generated a certificate with the plugin (so easy!), I had to select a user. It offered my own user account as well as the OpenVPN system user. I chose my own user id. It may work as well with the OpenVPN user id but I'm not all that curious since it works as is.

When I was running OpenVPN on the RPi, everything worked smoothly as well. Speed was fine, I suppose when it's crossing 2,000 miles it wouldn't be as fast, but that's the internet not the RPi. But then I realized unless I shipped the RPi to my brother as well, it wasn't really going to work for my purpose. Your suggestion to put it on the NUC answered multiple questions.

Thanks for your help!

Jetzt mitmachen!