Remote desktop over the internet

Hi,

I have been trying to get remote access over the internet on jetson xavier for a long time and everything has failed. Tried:
Teamviewer, NoMachine, VNC and now XRDP.

VNC looks very promising, but cant port forward in my tplink router to get access over internet, if any suggestion please pass.
Next is the xrdp, im trying to get the access, but when I login using rdp, i get black screen with nvidia logo and goes off.

Please tell me which is the best way to remote login over internet, FYI doesnt matter if its ust terminal access.

1 Like

Just use SSH. Open port 22 on your router.

Hi @foobar.warren,

YEs, I would like that actually, I dont need a full GUI of my desktop.
But even TeamViewer wont work till now with Jetson?
anyways, But I cant open the port in the router, Im using TPLink.

By default the Xavier will allow this. If you have firewalling software at your PC’s end, or if the router is restricting this, then you’d have to make changes to those settings. Do make sure you can ping the Jetson’s address first; if you cannot ping, then the issue is more than a port being blocked.

NOTE: Also look at “ifconfig” and “route” on both PC and Jetson to see if they are on compatible subnets if ping fails.

Hi @linuxdev,

There is no firewalling softwaare at my PC’s end, and I can ping my Xavier also from my PC. I can use SSH to the device through my PC also, what I’m saying is I cant open port 22 to remote over the internet, So should I do this at the router level or device level?

But it will be great if TeamViewer works in Xavier, is that possible?

Sounds like that port is not being passed through your router - learn how to set up a port forwarding with that port through your tplink.

Here’s a thread to follow:
https://community.tp-link.com/en/home/forum/topic/87844
Good luck.
Larry

Hi @larry.ciummo,

I did setup the Virtual server in Tplink which is basically the port forwarding option for this router, But after that, I can’t see the port open using canyouseeme.org, Do you think my ISP can block certain port?

Whatever, The whole purpose of this question is, Need to ssh or seee the remote desktop of my Xavier, cuz I’ll be shipping my project to europe and It will be great to debug if anything comes . 2 years and still no solution from team viewer side also. sad!!

I may not help further if it is just a TP-Link forwarding or route issue, sorry, but have you been able to get remote desktop in LAN ? This would be the first step.

I ask this because so far, I’ve only been able to get remote desktop over LAN through tiger-VNC or NoMachine when my Jetson had user auto-logging setting. Not tried Vino which seems to be the supported way, though.
My understanding is that these remote desktop will clone an existing display. However, it seems to me that the greetings display is run by root, but as your user connects, a new display is created by NVIDIA X server, so it is no longer available. The user auto-logging solves this by having a display for your user beforehand.

Someone with better knowledge about this may further comment.
I cannot say about the security issues with various software in such case, but there might be some.

I agree with what others have said, but I will add some information for you which might help.

Normally, when multiple systems are connected together through a switch, every device will be able to see and interact directly with every other device on the switch. No IP address is being shared.

When you use a router the LAN part will normally be just like a switch, and all of the devices locally connected will see each other. Each device will be assigned its own address, but this is only true on the private local network part of the router.

Once you have multiple devices sharing an address (which is what happens when the router aggregates all of those LAN devices to share a single address to the ISP), then the router will know which device to forward ports to if and only if the traffic is a reply to something the inside device originated. The router knows when a device requests something from the outside world, but if the traffic originates outside, then the router has no means to know which device the port should be forwarded to.

Routers have different mechanisms for configuration, but basically, if you know all ports involved with your remote desktop, then you should be able to tell the router that any traffic coming to its public interface wants to talk to that port, then to blindly forward it to that internal device. After that it should work, but this is 100% a function of the router, and no device has any control over it.

There are sometimes ways to sort of work around this, for example, if someone is sitting locally at the Jetson, and opens an ssh connection to your PC somewhere else, with the ssh set up as a tunnel, then the connection would have originated at the Jetson, and so the router would not need any special configuration. Ironically, if the PC is behind a router, then the router on the PC will need to be set up to blindly forward to the PC.

A lot of VPN services are based on this: They provide an outside world encrypted server, and each of the devices which are behind a router can talk to that server, and the server links the devices.

I do not know which ports are required, but you would need to forward those ports. You would also need to know what protocol is being used, but likely it is TCP (it could be UDP) since forwarding of a port requires knowing what protocol for most routers.

1 Like

ISP do often block port 22. You best bet would be to SSH in on a port that is open and map that port to 22 in your router.

lc

Hi @larry.ciummo,

Sure I understand, I guess my ISP is blocking it. But I was thinking for my scenario, it would be best to have any application like teamviewer or Chrome remote desktop, which doesnt need the port forwarding…

But really sad, None supports arm64, Jst totally kept ignoring this architecture by these providers. Its been 3 years and nothing. Atleast if there is any amd64 emulator, so I can use amd64 app like teamviewer or chrome remote desktop in xavier will be good.

Maybe you should just try getting ssh up on an alternate port…

Good luck,
lc

Hi @larry.ciummo,

Sure thank you for this article, Ill look to it,
But you dont have anything to comment on the second para ? Dont you think its sad that this situation is happening even now?

Sorry - I don’t use either one of those - I try to use xrdp or vnc for remote access when ssh isn’t enough.
lc

Ok, But @larry.ciummo, If I achieved the port forwarding here at my place, How will I achieve it when I ship this device to a different place/country?

Like, I have added port forwarding servers in Tp LInk router, but it still isn’t working, So i think I have to enable it through my ISP panel. But similar scenario, how will I do it when I ship it, ? thats My fear.

Or Am I wrong here ? Does ISP can block or control the ports we use? or even port forwarding feature as a whole, or the router has the complete power ?

True - if you have your board behind a firewall or with an ISP (or even a cell modem carrier) that blocks port 22, you will have the same issues.

In that case, I would change the ssh port in Linux, and create a very strong password as it is likely any product on the internet will be attacked shortly after your Ethernet link light goes green.

Okay, I shall look into changing my device SSH port.
But after I change the router to port forward to this specific port for SSH, wont it affect with my scenario?

I’ll be shipping both device and router which has the port forward config and static ip address for the device.

I know I’ll have to do something to get the public IP of the device gets after it is shipped to the new location, But if I somehow get the public IP of the device, will I be able to connect to the device ?, Im worried will the ports be blocked or port forwarding is disabled in the europe ISP ?

For the IP address, I would set up your router to do the dyndns hostname for global access, if it has that capability.

BTW, does this NOT work for you Teamviewer for RasPi ARMv8 - ARMv8 is the arch of the Linux chip in the Xavier.

@larry.ciummo,

Have you tried this?
I have tried it three months back, and I had did quite a research on TV,
the arch you have mentioned for RPi is armhf, isnt it basically 32bit ? and totally different architecture ?

Previouly when I tried installing it, I was goign thru the TV forum and ppl were and are still asking when will the ARM64 verision update release will happen.

This is a good point. However, what I would suggest is setting up public/private key pairs, and disabling ssh login via password. Also, add firewall software to close off any port you will not be using from initial sources outside of the Jetson. Security is its own topic though.