w*s 发帖数: 7227 | 1 Hi, i have a question like this,
want to install ubuntu VMs in person A's pc at home,
when VMs are running, we can turn on ubuntu remote access.
then B will try to access his VM instance from his house using VM's ip,
C will do the same thing.
My question is, can it work ?
what ip shall B and C use for remote access ?
this is at home, there's no VPN. | S*A 发帖数: 7142 | 2 In this regard the VM have no different than a real PC.
It is the same way you access from B's home to your home PC.
You need to do the same port forwarding on your home router.
It does not matter it is VM or not.
【在 w*s 的大作中提到】 : Hi, i have a question like this, : want to install ubuntu VMs in person A's pc at home, : when VMs are running, we can turn on ubuntu remote access. : then B will try to access his VM instance from his house using VM's ip, : C will do the same thing. : My question is, can it work ? : what ip shall B and C use for remote access ? : this is at home, there's no VPN.
| w*s 发帖数: 7227 | 3 actually i have no idea about this port forwarding,
if install VNC, do i need to worry about these ?
i mean what's the easiest way for a dummy to setup remote access across
several homes ? have no idea about firewalls.
many thanks !
【在 S*A 的大作中提到】 : In this regard the VM have no different than a real PC. : It is the same way you access from B's home to your home PC. : You need to do the same port forwarding on your home router. : It does not matter it is VM or not.
| S*A 发帖数: 7142 | 4 Of course you need to config the port forwarding.
Your home machine have internal IP address which is
not visible from the rest of the internet.
Just look up your router manual how to setup port
forwarding.
Regarding VNC, it is usually a very bad idea to port
forward the VNC display directly. Because VNC has no
encryption and it is subject to sniffering and bruce force
attach.
It is much better have a home SSH server. Only port
forward to the SSH server, then use ssh tunnel to forward
to the VNC port. That way you don't expose your VNC
port directly on the internet.
【在 w*s 的大作中提到】 : actually i have no idea about this port forwarding, : if install VNC, do i need to worry about these ? : i mean what's the easiest way for a dummy to setup remote access across : several homes ? have no idea about firewalls. : many thanks !
| w*s 发帖数: 7227 | 5 will give it a try, thanks a lot !
【在 S*A 的大作中提到】 : Of course you need to config the port forwarding. : Your home machine have internal IP address which is : not visible from the rest of the internet. : Just look up your router manual how to setup port : forwarding. : Regarding VNC, it is usually a very bad idea to port : forward the VNC display directly. Because VNC has no : encryption and it is subject to sniffering and bruce force : attach. : It is much better have a home SSH server. Only port
| w*s 发帖数: 7227 | 6 if the openSSH uses port 22, which protocol is it (only TCP, UDP in the
router menu)
also this port 22 is for source port or dest port ?
how about "forward to port" ?
thanks very much !
【在 S*A 的大作中提到】 : Of course you need to config the port forwarding. : Your home machine have internal IP address which is : not visible from the rest of the internet. : Just look up your router manual how to setup port : forwarding. : Regarding VNC, it is usually a very bad idea to port : forward the VNC display directly. Because VNC has no : encryption and it is subject to sniffering and bruce force : attach. : It is much better have a home SSH server. Only port
| z*********e 发帖数: 10149 | 7 normally tcp port 22, but you can change that
【在 w*s 的大作中提到】 : if the openSSH uses port 22, which protocol is it (only TCP, UDP in the : router menu) : also this port 22 is for source port or dest port ? : how about "forward to port" ? : thanks very much !
| z*********e 发帖数: 10149 | 8 I am not expert but I can share something. I had a few vm on esxi, each of
those have a virtual ethernet adapter which, if I see from the router or
other machine, they all use their dedicated NIC. So it just works like there
's a direct connection between router and the vm, and the hypervisor is
transparent between them.
e.g.
esxi hypervior has ip addr of 192.168.1.100
vm1 on hypervisor has ip addr of 192.168.1.101
vm2 on hypervisor has ip addr of 192.168.1.102
from the user's view of persective there are 3 individual NICs, although
physically there is only one.
【在 w*s 的大作中提到】 : actually i have no idea about this port forwarding, : if install VNC, do i need to worry about these ? : i mean what's the easiest way for a dummy to setup remote access across : several homes ? have no idea about firewalls. : many thanks !
| S*A 发帖数: 7142 | 9 The port of 22 is both source port and the dest port.
It depend on which way the packet is going. If the packet
send from your openssh, it is source 22.
In the router you UI want to config the dest port.
it is the first packet that come from external IP with dest port
as 22 to connect to your ssh server. After that, the
router will remember the connection and deal with the
packet on the other direction as well.
The source port in that UI is the port you want to use
on the router. You can set it other than 22. e.g. If you set
that to 222, you just need to connect to your router port 222
from external IP.
【在 w*s 的大作中提到】 : if the openSSH uses port 22, which protocol is it (only TCP, UDP in the : router menu) : also this port 22 is for source port or dest port ? : how about "forward to port" ? : thanks very much !
| S*A 发帖数: 7142 | 10 that is what I am saying, the VM or not, it make no difference
from the router point of view.
there
【在 z*********e 的大作中提到】 : I am not expert but I can share something. I had a few vm on esxi, each of : those have a virtual ethernet adapter which, if I see from the router or : other machine, they all use their dedicated NIC. So it just works like there : 's a direct connection between router and the vm, and the hypervisor is : transparent between them. : e.g. : esxi hypervior has ip addr of 192.168.1.100 : vm1 on hypervisor has ip addr of 192.168.1.101 : vm2 on hypervisor has ip addr of 192.168.1.102 : from the user's view of persective there are 3 individual NICs, although
| z*********e 发帖数: 10149 | 11 sorry I missed your point. I should've read it more carefully
【在 S*A 的大作中提到】 : that is what I am saying, the VM or not, it make no difference : from the router point of view. : : there
| w****e 发帖数: 586 | 12 其实就是要穿透两层,一层局域网NAT,一层是host和vm
除了上面说的在router做port forwarding,vm使用虚拟网卡,还有一招大绝招,一次
穿透任意多层,无需修改任何中间router的设置,vm上一条命令全搞定。就是ssh反向
代理。自行google就知道了,唯一的要求是有个公共ip的跳板 |
|