[larkdog]

Hi everyone, I have several questions about remoting into my router and into my computers at home

the reason for this is that I work as an onsite technology sub contractor on the side and sometimes I need to remote into my computer at home from location to get certain utilities or informatin or what ever the case

I have a linux box, a win xp box, a mac laptop and a dual boot laptop at home. I want to be able to remote into all of these if need be.

what is the best method of setting this up, so far I have dyndns running and it emails me ip changes on the fly and I am using VNC and remote desktop

is there a better method

thanx in advance for any suggestions, and thanks for taking the time to make them

[elkabong]

Just a suggestion. Try a free account with
logmein.com It works great for me and gets around even my government firewall at work.

https://secure.logmein.com/go.asp?page=home

[safesax2002]

Set up port forwarding on DD-WRT.

Remote Desktop uses port 3389. If you have more than one, set the incoming as a different port and the outgoing to 3389 and then specify the computer. All you have to do then is remember which port number (i.e. 3390, 3391, etc.) goes to which computer.

VNC, at least for Windows, uses port 5900. Again you can change that by either doing the above method OR you can change the port VNC uses in the program settings. (You can do this for Remote Desktop but you have to dig into the registry).

As far as the Mac goes, I couldn't help you but I'm sure there is something simlair for Mac. Again, just use port forwarding.

The dual-boot will only work on the OS that loads by default. I don't know of a way to select the OS that you want to boot in (i.e. you remote in and reboot to load the other OS).

Obviously they all have to be on for this unless you configure Wake-On-LAN on your DD-WRT router. Then you would have to open up the router to the outside also.

[madman]

I suggest the following save way. Tunnel all traffic over ssh. You can tunnel remote desktop, vnc and what ever you need. you only need a dd-wrt router with ssh enabled and putty!


1. Enable ssh login port 443 on your linksys router running dd-wrt (Administration -> Management -> Remote Access -> SSH Remote Port)

2. download putty

3. open putty
- type in your dyndns ip address
- chose port 443
- connection -> SSH -> Tunnels
- source Port: 3389
- Destination -> internal_ip_address_of_windows_client:3389
- press add
- open the connection to your linksys router
- if you don't have free internet access, you can use also a proxy server to connect.
- if proxy is needed: connection -> proxy
- proxy type: http & proxy ip + proxy port

4. After you have established the ssh connection to your router, you can use remote desktop

5. copy from c:\windows\system32 to another directory (ex: c:\windows\rdp)
- mstsc.exe
- mstscax.dll

6. right click on mstsc.exe -> properties -> compatibility -> run this .... in Windows 98

7. open mstsc.exe

8. type in: localhost

9. now your remote desktop at home appears!

If you need more access to your computer at home, you have to add them in putty (connection -> ssh -> tunnel)

(for ex: vnc; source port: 5900; destination: internal_ip_of_vnc_server:5900; press add)

hope it works

btw: if you use dd-wrt, you can also turn on your computer by using WOL (Wake on LAN).

Madman

[larkdog]

awesome thanks for the input

vnc actually works in tiger OS X 10.4 by enabling vnc connections to control the desktop via control panels > sharing > internet sharing prefpane > services > apple remote desktop > select allow VNC connections to control desktop.

I have used this to control a mac from a win xp box, and it works okay, well as good as VNC gets i suppose.

Just today I did an nmap -O of my ip address from work and I only have one port open (port 80) as far as nmap could tell. I do have some filters running and some ports forwarded, so I may have to do some config there

Configuring the ports for some of this stuff is a bit new to me, so I am trying to be weary on what I allow so it is totally secure.

Thanks again for all the input I appreciate it

[OPaul]

[0ldman]

I haven't tried an SSH tunnel, but it sounds quite a bit like VPN.

My method, I'd set up VPN in the DD-WRT router and RDP/VNC from there.

It would probably be a bit easier than setting up SSH, putty and the works, but might be more insecure. I haven't compared the two side by side yet.

[madman]

ssh on port 443 is for me the easiest way to get into my network.

In a company you have a lot of internet restrictions. I am working as a security expert and believe me, if your company has open ports like RDP (Port 3389) or ssh (Port 22) and so on, you should think of a network security audit.

The problem is, that almost all company's have only three ports open, to access the internet over a proxy server. (HTTP 80; HTTPS 443; FTP 21)

So you don't have a chance to implement a vpn or a direct connection via RDP to your home network. It should be dropped by the company's firewall.

If you using the trick to have a ssh server listening on port 443, you are able to get this connection over a proxy server. If you have an open ssh connection, you are able to tunnel every port to your home network ;)

Putty overs also a SOCKS proxy server. If your company restricts some web sites, you can use your home DSL connection and nobody knows, to which internet sites you are going to.... And all by using a ssh connection to your dd-wrt router.....

btw: if your company is breaking https (looking inside https traffic, I don't know the exact word in english) traffic, your ssh connection over port 443 is still working. tested with Bluecoat.

bye
Madman

[larkdog]

for some reason ssh is grayed out in my DDWRT CP. Is there another option that must be enbaled first before I can set up ssh?

[madman]

Administration -> Services -> enable sshd

bye
Madman

[xciton]

[larkdog]

okay, I enabled ssh and can connect from work to home via ssh, but am not familiar with ddwrt command line. There is no ls and no man pages.

Once I am logged into the router how do I connect to the machines on my local network at home?

thanks for the help

[GrumpY54gsv4]

DD-WRT v23 SP2 vpn (c) 2006 NewMedia-NET GmbH
Release: 08/26/06 (SVN revision: 3724)
root@192.168.128.1's password:
==========================================================

____ ___ __ ______ _____ ____ _____
| _ \| _ \ \ \ / / _ \_ _| __ _|___ \|___ /
|| | || ||____\ \ /\ / /| |_) || | \ \ / / __) | |_ \
||_| ||_||_____\ V V / | _ < | | \ V / / __/ ___) |
|___/|___/ \_/\_/ |_| \_\|_| \_/ |_____|____/

DD-WRT v23 SP2
http://www.dd-wrt.com

==========================================================


DD-WRT VeryBusyBox v1.2.1 (2006.08.25-23:15+0000) Built-in shell (ash)
Enter 'help' for a list of built-in commands.

~ # cd /mmc/
/mmc # ls
etc openvpn usr var www
/mmc # ls -al
drwxr-xr-x 7 root root 1024 Aug 27 19:30 .
drwxr-xr-x 15 root root 145 Aug 25 23:20 ..
drwxr-xr-x 5 root root 1024 Aug 21 10:35 etc
drwxr-xr-x 2 root root 1024 Aug 27 19:30 openvpn
drwx------ 5 1000 100 1024 Aug 21 10:35 usr
drwxr-xr-x 3 root root 1024 Aug 21 10:35 var
drwx------ 4 1000 100 1024 Aug 20 19:22 www
/mmc #


"ls" is here ....

[larkdog]

okay its just not in the root directory, but you can use ls under /mmc

I am familiar with linux, just new to ddwrt. I can ssh into my router now but I want to launch a GUI based remote desktop client and connect to my machine

thanks, I will keep playing with it.

[GrumpY54gsv4]

"ls" is available everywhere

DD-WRT VeryBusyBox v1.2.1 (2006.08.25-23:15+0000) Built-in shell (ash)
Enter 'help' for a list of built-in commands.

~ # ls -al
drwx------ 1 root root 0 Jan 1 1970 .
drwxrwxrwx 1 root root 0 Jan 1 2000 ..
drwx------ 1 root root 0 Jan 1 1970 .ssh
~ # cd /
/ # ls -al
drwxr-xr-x 15 root root 145 Aug 25 23:20 .
drwxr-xr-x 15 root root 145 Aug 25 23:20 ..
drwxr-xr-x 2 root root 483 Aug 25 23:20 bin
drwxr-xr-x 1 root root 0 Jan 1 1970 dev
drwxr-xr-x 5 root root 379 Aug 25 23:20 etc
drwxr-xr-x 2 root root 3 Aug 25 23:20 jffs
drwxr-xr-x 3 root root 242 Aug 25 23:20 lib
drwxr-xr-x 7 root root 1024 Aug 27 19:30 mmc
drwxr-xr-x 2 root root 3 Aug 25 23:20 mnt
drwxr-xr-x 2 root root 3 Aug 25 23:20 opt
dr-xr-xr-x 33 root root 0 Jan 1 2000 proc
drwxr-xr-x 2 root root 663 Aug 25 23:20 sbin
drwxrwxrwx 1 root root 0 Jan 1 2000 tmp
drwxr-xr-x 6 root root 55 Aug 25 23:20 usr
lrwxrwxrwx 1 root root 7 Aug 25 23:20 var -> tmp/var
drwxr-xr-x 6 root root 82 Aug 25 23:20 www
/ #