Step 1: Install and Configure VNC on the Intranet Server

For Ubuntu, we recommend using tightvncserver:

1
2


sudo apt update    
sudo apt install -y tightvncserver xfce4 xfce4-goodies    

Start VNC and set a password:

1

vncserver

Modify the VNC startup configuration file:

1

vim ~/.vnc/xstartup

Replace the content with:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12


#!/bin/sh    
     
export XKL_XMODMAP_DISABLE=1    
unset SESSION_MANAGER    
unset DBUS_SESSION_BUS_ADDRESS    
     
xfce4-panel &    
xfsettingsd &    
xfwm4 &    
xfdesktop &    
pcmanfm &    
xfce4-terminal &    

Grant executable permissions:

1

chmod +x ~/.vnc/xstartup

Start the VNC service:

1

vncserver -geometry 1920x1080

Step 2: Intranet Penetration with frp

Check if the VNC port is being listened to (usually starting from 5901, incrementing with the order of VNC service startups, e.g., vncserver :7 uses port 5907):

1

netstat -tuln | grep 5901

Similar to setting up SSH intranet penetration with frp, you need to configure two TOML files.

For frps:

1
2


[common]     
bind_port = 7001  # Avoid conflicts with port 7000 used for SSH    

For frpc:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10


[common]    
server_addr = xxx.xxx.xxx.xxx  # Public server IP    
server_port = 7001            # Must match the server's listening port    
  
# VNC mapping    
[[proxies]]    
type = tcp    
local_ip = 127.0.0.1    
local_port = 5901  # VNC service port on the intranet server    
remote_port = 6001  # Port exposed on the public server    

The subsequent steps for setting up and starting the service are the same as for SSH.

Step 3: Open Corresponding Ports on the Cloud Server

For this example, ports 6001 and 7001 need to be opened.

Step 4: Download a VNC Tool on Your Local Machine and Connect to the Remote Desktop

A commonly used tool is RealVNC Viewer. Enter the public server IP and remote port in the address bar to connect:
Pasted image 20250114010330.png

Appendix: Common Commands

VNC Service Commands

Change password:

1

vncpasswd

List active VNC services:

1

vncserver -list

Check used VNC ports:

1

ps -ef | grep vnc

Kill a specific VNC service (replace X with the display number):

1

vncserver -kill :X

Start a VNC service on a specific port:

1

vncserver :7

Other Useful Commands

Check the PID of a process using a specific port:

1

sudo lsof -i :7001

Pitfalls and References

Black Screen Issue:

Solution for VNC Viewer Black Screen (CSDN Blog)

This guide provides a straightforward method to enable graphical remote access to intranet servers using frp and VNC. Happy remote desktoping!

frp + vnc to Enable Graphical Interface for Intranet Servers

A guide to setting up VNC with frp for remote graphical access to intranet servers.